Comment by ysnp

You'll have to judge for yourself whether this demonstrates deep understanding of both arguments, but I did try to be evenhanded in these posts:

https://educatedguesswork.org/posts/dns-security-dnssec/ https://educatedguesswork.org/posts/dns-security-dane/

From my perspective, the challenge with DNSSEC is that it just doesn't have a very good cost/benefit ratio. Once the WebPKI exists, "critical path" use of DNSSEC only offers modest value. Now, obviously, this article is about requiring CAs to check DNSSEC, which is out of the critical path and of some value, but it's not clear to me it's of enough value to get people to actually roll out DNSSEC.

> Why are they (DNSSEC + WebPKI) never considered complimentary?

WebPKI works without DNSSEC, whereas DANE (a more secure WebPKI replacement) depends on a robust DNSSEC deployment.

I'll share a couple of thoughts, but do read EKR's blog first:

- Web PKI is inherently insecure and can't be fixed on its own. The root problem is that the CAs we "trust" can issue certificates without technical controls. The best we can do is ask them to be nice and force them provide a degree of (certificate) transparency to enable monitoring. This is still being worked on. Further, certificates are issued without strong owner authentication, which can be subverted (and is subverted). [3]

- The (very, very) big advantage of Web PKI is that it operates online and supports handshake negotiation. As a result, iteration can happen quickly if people are motivated. A few large players can get together and effect a big change (e.g., X25519MLKEM768). DNSSEC was designed for offline operation and lacks negotiation, which means that everyone has to agree before changes can happen. Example: Kipp Hickman created SSL and Web PKI in 3 months, by himself [1]. DNSSEC took years and years.

- DNSSEC could have been fixed, but Web PKI was "good enough" and the remaining problem wasn't sufficiently critical.

- A few big corporations control this space, and they chose Web PKI.

- A humongous amount of resources has been spent on iterating and improving Web PKI in the last 30 years. So many people configuring certificates, breaking stuff, certificates expiring... we've wasted so much of our collective lives. There is a parallel universe in which encryption keys sit in DNS and, in it, no one has to care about certificate rotation.

- DNSSEC can't ever work end-to-end because of DNS ossification. End-user software (e.g., browsers) can't reliably obtain any new DNS resource records, be it DANE or SVCB/HTTPS.

- The one remaining realistic use for DNSSEC is to bootstrap Web PKI and, possibly, secure server-to-server communication. This is happening, now that CAs are required to validate DNSSEC. This one changes finally makes it possible to configure strong cryptographic validation before certificate issuance. [2]

[1] https://www.feistyduck.com/newsletter/issue_131_the_legend_o...

[2] https://www.feistyduck.com/newsletter/issue_126_internet_pki...

[3] https://redsift.com/guides/a-guide-to-high-assurance-certifi...

To add a dissenting voice.

I've worked with small businesses and even small technical teams as a DNS consultant specifically.

DNS has only been a source of issues and confusion and not at all related to any requirements, just a form of checkbox implementation.

I do understand it's one of those technologies that are developed due to legitimate requirements, but it flows downstream and people just adopt it without really understanding the simpler solutions or what exactly it's meant to do.

That said if I had ever gotten a bigger client like a TLD registrar or a downstream registrar, then sure I would have had to work with it, but I've only ever had to learn how to uninstall it actually.

Bad arguments and FUD when it was being rolled out. Sysadmins also don't want to touch working infra code, you can see that with AWS lagging on IPv6.