Understanding How DANE Enhances TLS Security with DNSSEC

September 16, 2024 · 7 min read

Senior Consultant Cloud

Overview

DANE (DNS-based Authentication of Named Entities) is a protocol that enables domain owners to specify which TLS certificates should be trusted for a given service via DNSSEC (DNS Security Extensions). This adds an extra layer of security to TLS connections, ensuring that the certificate used in the communication is valid and matches what the domain owner has specified. DANE allows administrators to bind X.509 certificates (used in TLS) to their domain names securely using DNS.

Key Functions of DANE:

Certificate Validation: DANE enables verification of TLS certificates directly through DNS, without relying solely on public certificate authorities (CAs).
Protection Against Misissued Certificates: Since the certificate is validated through a DNS record (protected by DNSSEC), it prevents attacks involving rogue or misissued certificates.
Strengthens TLS Security: DANE provides an additional layer of trust by ensuring that the domain owner controls which certificates are valid, thereby enhancing the integrity of TLS connections.

DANE Workflow

DNS Query for TLSA Record:
- A client initiating a TLS connection queries the domain's DNS to retrieve the TLSA record, which specifies which certificates are trusted for the domain.
DNSSEC Validation:
- The DNS query for the TLSA record must be validated through DNSSEC to ensure the integrity of the response and prevent tampering or spoofing. Without DNSSEC, the security of DANE cannot be guaranteed.
TLS Certificate Verification:
- Once the TLSA record is retrieved, the client checks the certificate presented by the server during the TLS handshake against the information in the TLSA record.
Connection Established:
- If the certificate matches the one specified in the TLSA record, the TLS connection is established securely. If it does not match, the connection is either rejected or flagged as insecure.

DANE DNS Record Details

The core of DANE is the TLSA (Transport Layer Security Authentication) DNS record, which specifies which certificate or public key should be used when establishing a TLS connection to a particular service (e.g., SMTP, HTTPS).

Name

_port._protocol.[domain].[topdomain]

Example Value

_443._tcp.example.com. IN TLSA 3 1 1 abc123...

TLSA Record Fields

A TLSA record consists of four fields:

Field	Description
Usage	Specifies how the certificate is to be used. It indicates whether the certificate must match a specific certificate or just be part of a valid certification path.
Selector	Defines what part of the certificate should be checked (e.g., full certificate or just the public key).
Matching Type	Describes how the selected data should be matched (e.g., exact match, SHA-256 hash).
Certificate Association Data	The actual data to match (either a hash or the full certificate/public key).

Usage Field Values

Value	Meaning
0	CA Constraint: The certificate must be issued by a specific CA listed in the TLSA record.
1	Service Certificate Constraint: The server must use a specific certificate directly listed in the TLSA record.
2	Trust Anchor Assertion: The server's certificate must chain to a specific trust anchor, not necessarily a public CA.
3	Domain-Issued Certificate: The server uses a certificate issued directly by the domain owner. No public CA is needed.

Selector Field Values

Value	Meaning
0	Full certificate (X.509)
1	Subject Public Key (only the public key is used for verification)

Matching Type Field Values

Value	Meaning
0	Exact match of the raw certificate or public key.
1	SHA-256 hash of the certificate or public key.
2	SHA-512 hash of the certificate or public key.

DANE Record Examples

Service Certificate Constraint (Usage 1)

_443._tcp.example.com. IN TLSA 1 1 1 [hash-of-certificate]

This specifies that the server must use a specific certificate, and the client should verify the SHA-256 hash of the certificate.
CA Constraint (Usage 0):

_443._tcp.example.com. IN TLSA 0 0 2 [hash-of-issuing-ca-certificate]

This specifies that the server's certificate must be issued by a specific CA whose SHA-512 hash is provided.
Domain-Issued Certificate (Usage 3):

_443._tcp.example.com. IN TLSA 3 1 1 [hash-of-public-key]

This allows the domain to act as its own certificate authority, issuing and using certificates without relying on third-party CAs.

Benefits of DANE

Enhanced Security Through DNSSEC:
- DANE leverages DNSSEC to ensure the integrity of DNS records, preventing attacks like DNS spoofing or man-in-the-middle attacks. By validating the TLSA records, clients can trust that the correct certificate is being used.
Protection Against Rogue CAs:
- DANE can protect against rogue certificate authorities by allowing domain owners to specify which CAs are allowed to issue certificates for their domain or directly associate their own certificate with the domain.
Self-Issued Certificates:
- With Usage 3, domain owners can use their own self-signed certificates, bypassing traditional public CAs while still maintaining a high level of security.
Flexibility for TLS Services:
- DANE can be used with various services that support TLS (e.g., HTTPS, SMTP), providing flexibility in securing connections over different protocols.

Use Cases for DANE

Email Security with DANE and SMTP

DANE is commonly used to secure SMTP (email transmission). When paired with SMTP MTA-STS or STARTTLS, DANE ensures that email servers use the correct TLS certificate when establishing connections, preventing downgrade attacks.

HTTPS Validation

DANE can also be used to validate certificates for HTTPS connections, providing an extra layer of trust beyond the traditional CA-based system.

DANE and DNSSEC

DNSSEC (DNS Security Extensions) is critical to the functionality of DANE. Without DNSSEC, a TLSA record could be spoofed by an attacker, leading to the validation of a malicious certificate. DNSSEC ensures that the TLSA records retrieved by clients are authentic and have not been tampered with.

DNSSEC uses a chain of trust, starting from the DNS root zone, to ensure that DNS records are signed and validated. When a client queries a TLSA record, DNSSEC ensures that the response has not been altered in transit.

Challenges and Considerations

DNSSEC Requirement

DANE is only secure if DNSSEC is enabled and correctly configured for the domain. Without DNSSEC, DANE loses its trust model, as an attacker could spoof the TLSA record.

Limited Client Support

Although DANE offers robust security features, its adoption has been slower compared to other certificate validation mechanisms. Not all clients and services support DANE, and the infrastructure for DNSSEC is still growing.

Certificate Management

Domain owners must ensure that their TLSA records are kept up-to-date, particularly when certificates are renewed or reissued. Failure to do so can result in clients rejecting valid connections due to mismatched certificates.

Conclusion

DANE (DNS-based Authentication of Named Entities) enhances the security of TLS connections by binding certificates to DNS records through DNSSEC. By allowing domain owners to specify which certificates should be trusted, DANE reduces the risk of man-in-the-middle attacks, rogue certificates, and misconfigurations. While DANE is primarily used for SMTP and HTTPS, its flexibility makes it applicable to any service that uses TLS, offering a more secure alternative to traditional certificate validation models.

Overview​

Key Functions of DANE:​

DANE Workflow​

DANE DNS Record Details​

Name​

Example Value​

TLSA Record Fields​

Usage Field Values​

Selector Field Values​

Matching Type Field Values​

DANE Record Examples​

Benefits of DANE​

Use Cases for DANE​

Email Security with DANE and SMTP​

HTTPS Validation​

DANE and DNSSEC​

Challenges and Considerations​

DNSSEC Requirement​

Limited Client Support​

Certificate Management​

Conclusion​