Re: [Add] Proposed charter and BoF request for IETF 106

tirumal reddy <kondtir@gmail.com> Thu, 10 October 2019 15:51 UTC

References: <CALaySJLxXVuHQNfTnaeKZ_R9xtBYWfbta+A1bWcE-ZQZwd3VZg@mail.gmail.com> <CABcZeBMkAFZW9mWjw92v+OR0Fa8ed+P80yc78eY07hCpsCNY6Q@mail.gmail.com> <1556423899.28427.1570640191209@appsuite-gw2.open-xchange.com> <CABcZeBNyRDqnVL68aXny=Ht69NjahmS4zRsnYizO53M--rhM5g@mail.gmail.com> <alpine.LRH.2.21.1910091313590.2297@bofh.nohats.ca> <CAFpG3gch-mgJJMO1rEg61PhYNKeKYiJwz4NTQ3QDbEb=WNkyQw@mail.gmail.com> <CABcZeBM68EWDO3rTOCnWfmieAGzxwR9YUj4pyvDtECFEDoFiNw@mail.gmail.com>
In-Reply-To: <CABcZeBM68EWDO3rTOCnWfmieAGzxwR9YUj4pyvDtECFEDoFiNw@mail.gmail.com>
From: tirumal reddy <kondtir@gmail.com>
Date: Thu, 10 Oct 2019 16:51:41 +0100
Message-ID: <CAFpG3gf7+t1wZxinEB=yMe1NiEzS7OQw7gOUX49TB5qX7jV3XQ@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Paul Wouters <paul@nohats.ca>, ADD Mailing list <add@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/HyPSI9LYcRrY-MC1GNCLCnCUAi0>
Subject: Re: [Add] Proposed charter and BoF request for IETF 106
List-Id: Applications Doing DNS <add.ietf.org>

On Wed, 9 Oct 2019 at 19:32, Eric Rescorla <ekr@rtfm.com> wrote:

>
>
> On Wed, Oct 9, 2019 at 11:04 AM tirumal reddy <kondtir@gmail.com> wrote:
>
>> On Wed, 9 Oct 2019 at 18:15, Paul Wouters <paul@nohats.ca> wrote:
>>
>>> On Wed, 9 Oct 2019, Eric Rescorla wrote:
>>>
>>> > You're misunderstanding me. I'm not saying that we should not enable
>>> network operators to shift to encrypted transport.
>>> > As I said in the section of my message that you cut, I'm more than
>>> happy to have the IETF standardize a mechanism for
>>> > the network to tell endpoints that it supports encrypted transport.
>>> I'm merely observing that this does not address the
>>> > issue that Mozilla is trying to address with our DoH/TRR deployment.
>>>
>>> And it seems doing this at the DHCP / Captive Portal level is enough. I
>>> don't see the need for a WG to be spun up for this.
>>>
>>
>> DHCP is not a secure way to discover the local DoT/DoH server.
>>
>
> It would probably be useful to start by defining what "secure" means in this
> context.
>

"secure" means only the operator of the network should be able to advertise
the DoT/DoH server. If DHCP is used, an attacker can spoof the DHCP response.


> For instance, I am in an airport and I see the name of the WiFi AP printed
> on the wall and join a network with that SSID. How would you define securely
> learning the DoH server?
>

The user cannot know whether the SSID is hosted by the airport IT admin or by an
attacker in the first place. I don't think the charter of the WG is
targeted only at public WiFi; local resolver discovery is critical in
Home, Mobile and Enterprise networks to meet some of the issues raised in
https://tools.ietf.org/html/draft-reid-doh-operator-00.

-Tiru


>
> -Ekr
>
>
>> -Tiru
>>
>>
>>>
>>> Paul
>>>
>>> --
>>> Add mailing list
>>> Add@ietf.org
>>> https://www.ietf.org/mailman/listinfo/add
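The point Tiru makes above, that a DoT/DoH server learned from DHCP is only as trustworthy as the unauthenticated DHCP message carrying it, as an added example that is not part of the original thread. It is a toy model written for this page, not code from Mozilla, the ADD list or any DHCP implementation: it builds two well-formed DHCPv4 OFFERs (the operator's and a rogue host's, both constructed inline), parses them the way a naive client would, and shows that nothing in the message lets the client tell them apart, that whichever answer arrives first wins, and that the resolver name can be rewritten in flight without anything failing. The option code used for the encrypted-resolver name (224, in the site-specific range) is a hypothetical choice for illustration, not an IANA assignment.

```python
"""Toy model of unauthenticated resolver discovery over DHCPv4."""
import ipaddress
import struct
from typing import Dict, List, Tuple

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_PAD, OPT_END = 0, 255
OPT_DNS_SERVERS = 6       # RFC 2132 option 6: list of IPv4 resolver addresses
OPT_MSG_TYPE = 53
OPT_SERVER_ID = 54
OPT_ENC_RESOLVER = 224    # hypothetical site-specific option: name of the DoT/DoH server
DHCPOFFER = 2


def build_offer(server_id: str, dns_ip: str, encrypted_resolver: str, xid: int = 0x1234) -> bytes:
    """Build a minimal DHCPv4 OFFER. Nothing in it authenticates the sender;
    the 'server identifier' is simply whatever the sender writes."""
    # BOOTP fixed header (236 bytes): op=2 reply, htype=1, hlen=6, hops, xid,
    # secs, flags, ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file.
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                         2, 1, 6, 0, xid, 0, 0,
                         b"\0" * 4, b"\0" * 4, b"\0" * 4, b"\0" * 4,
                         b"\0" * 16, b"\0" * 64, b"\0" * 128)
    name = encrypted_resolver.encode("ascii")
    opts = (bytes([OPT_MSG_TYPE, 1, DHCPOFFER])
            + bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server_id).packed
            + bytes([OPT_DNS_SERVERS, 4]) + ipaddress.IPv4Address(dns_ip).packed
            + bytes([OPT_ENC_RESOLVER, len(name)]) + name
            + bytes([OPT_END]))
    return header + MAGIC_COOKIE + opts


def parse_options(msg: bytes) -> Dict[int, bytes]:
    """Parse the option block (RFC 2132 framing: pad and end are single
    bytes, every other option is code, length, value)."""
    if len(msg) < 240 or msg[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCPv4 message")
    opts: Dict[int, bytes] = {}
    i = 240
    while i < len(msg):
        code = msg[i]
        if code == OPT_PAD:
            i += 1
            continue
        if code == OPT_END:
            break
        if i + 1 >= len(msg):
            raise ValueError("truncated option header")
        length = msg[i + 1]
        value = msg[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = value
        i += 2 + length
    return opts


def resolver_from_offer(msg: bytes) -> Tuple[str, str]:
    """What a naive client does: trust the resolver options of any OFFER that parses."""
    opts = parse_options(msg)
    if opts.get(OPT_MSG_TYPE) != bytes([DHCPOFFER]):
        raise ValueError("not an OFFER")
    dns_ip = str(ipaddress.IPv4Address(opts[OPT_DNS_SERVERS][:4]))
    return dns_ip, opts[OPT_ENC_RESOLVER].decode("ascii")


def choose_resolver(offers: List[bytes]) -> Tuple[str, str]:
    """Clients act on the first OFFER they receive, so whoever answers first
    on the link wins; there is no operator-bound proof to check."""
    for offer in offers:
        try:
            return resolver_from_offer(offer)
        except ValueError:
            continue
    raise RuntimeError("no usable OFFER")


def tamper(msg: bytes, new_resolver: str) -> bytes:
    """Rewrite the encrypted-resolver option of an existing OFFER. With no
    integrity protection the result parses as cleanly as the original."""
    opts = parse_options(msg)
    opts[OPT_ENC_RESOLVER] = new_resolver.encode("ascii")
    body = b"".join(bytes([c, len(v)]) + v for c, v in opts.items()) + bytes([OPT_END])
    return msg[:240] + body


# Constructed sample traffic: the operator's DHCP server and a rogue host on
# the same link. The rogue OFFER even claims the operator's server identifier.
OPERATOR_OFFER = build_offer("192.0.2.1", "192.0.2.53", "dot.example.net")
ROGUE_OFFER = build_offer("192.0.2.1", "198.51.100.9", "dot.attacker.example")

if __name__ == "__main__":
    print("rogue answers first   :", choose_resolver([ROGUE_OFFER, OPERATOR_OFFER]))
    print("operator answers first:", choose_resolver([OPERATOR_OFFER, ROGUE_OFFER]))
    print("tampered in flight    :", resolver_from_offer(tamper(OPERATOR_OFFER, "dot.attacker.example")))
```

Note that validating the TLS certificate of the advertised name does not help here: the rogue host advertises a name it legitimately controls, so the handshake to dot.attacker.example succeeds. The missing piece is a binding between the advertisement and the network operator, which is exactly the property the reply above calls "secure".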