DANE (DNS-Based Authentication of Named Entities) – TLS without CAs

#The Holy Grail: Bypassing the Certificate Authorities#link

We have spent a lot of time on X.509 Certificates and the Trust Chain of CAs. But as we saw in Module 2, the CA system is fragile—if one CA is compromised, the whole system is at risk. DANE (DNS-based Authentication of Named Entities) is a radical alternative: it uses DNSSEC to verify TLS certificates, effectively making DNS the 'Certificate Authority'.

What is DANE?

DANE uses a special DNS record called `TLSA`. This record allows a domain owner to say: 'The only valid certificate for this website is the one with this specific public key.' Because the `TLSA` record is signed with DNSSEC, the client knows it can trust the key. The client then connects via TLS and checks if the server's certificate matches the key in the DNS.

# Conceptual TLSA record
_443._tcp.example.com. IN TLSA 3 1 1 [Hash of Public Key]

The TLSA record has three fields: the usage (how to use the key), the selector (which part of the cert to hash), and the matching type (is it a full cert or just a public key?).

DANE in the Real World: SMTP Security

The biggest success of DANE is in email. Traditionally, email servers used 'Opportunistic TLS'—they tried to encrypt, but if it failed, they sent in cleartext. With DANE, a mail server can publish a TLSA record. The sending server *must* verify the certificate against the DNS record. If they don't match, the mail is not sent, preventing a massive class of MitM attacks on email.

• ▪Deploy DNSSEC first (DANE is impossible without it)
• ▪Configure TLSA records for high-security endpoints
• ▪Use DANE to enforce 'Pinning' without the risks of HPKP
• ▪Monitor for TLSA mismatch alerts in mail logs