undefined | Better HN

0 pointsGroxx2y ago0 comments

I think the remark is because: MITM would allow them to spoof the DNS response entirely, so they can replace it with whatever key they want. Doesn't matter what level of security the key claims at that point, it's attacker-controlled and they can just read whatever you send next.

0 comments

4 comments · 2 top-level

jacooper2y ago· 2 in thread

This wouldn't be possible with dnssec right?

Anunayj2y ago

Yes, however it defeats one of the main point of ECH, that is encrypting the SNI. Since the domain is leaked in plaintext DNS.

jacooper2y ago

Why? You can just use DNS-over-TLS/HTTPS + dnssec + ECH + TLSv1.3 and then you should have a unblockable website(outside of IP address bans).

1 more reply

mwwaters2y ago

I think the DNS key is only for the handshake to provide the certificate for the actual key. Without a certificate from a CA for second part, all the spoofed DNS key would get is what website they were trying to visit.

j / k navigate · click thread line to collapse