Re: [Add] What to do in this potential working group

Alec Muffett <alec.muffett@gmail.com> Wed, 21 August 2019 21:26 UTC

From: Alec Muffett <alec.muffett@gmail.com>
Date: Wed, 21 Aug 2019 22:25:53 +0100
Message-ID: <CAFWeb9+Ki8AsKDXn_2npL4tNQwLKzsjmVcAGfR3YDu5XRzuDqA@mail.gmail.com>
To: David Conrad <drc@virtualized.org>
Cc: ADD Mailing list <add@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/FH8QtyTUyEWNQyVqu8VFlXibTs4>

On Wed, 21 Aug 2019, 22:04 David Conrad, <drc@virtualized.org> wrote:

> If your interest is ensuring that the DNS data the client is receiving
> corresponds with what the authority for the domain inserted into the zone,
> what you are assuring is essentially meaningless,
>

Concur; but the thing is, to hammer this point home in really short words:
that is not what I am concerned about.


> DoH is channel protection. Can we please stop suggesting DoH addresses data
> integrity?
>

We are not doing so; in fact at the risk of appearing ad-hominem, I will go
so far as to suggest that you are only pretending that we are talking about
data integrity, because it is the only lever you have available in order to
attempt to attack this channel protection value proposition.

We are talking about channel protection as a value proposition to clients
and applications in the typical threat models which are relevant to them.

We are talking about "Applications Doing DNS".

We are talking about clients and channels.

Data integrity is a matter of DNS infrastructure, both systems and data and
metadata. I propose that it is outside of the scope of this list.

-a