Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-detection-00
Erik Kline <ek@loon.com> Tue, 16 July 2019 20:37 UTC
Return-Path: <ek@google.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 07BD312006A for <add@ietfa.amsl.com>; Tue, 16 Jul 2019 13:37:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.249
X-Spam-Level:
X-Spam-Status: No, score=-9.249 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=loon.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 973jAaoekDms for <add@ietfa.amsl.com>; Tue, 16 Jul 2019 13:37:30 -0700 (PDT)
Received: from mail-io1-xd2c.google.com (mail-io1-xd2c.google.com [IPv6:2607:f8b0:4864:20::d2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A22A120120 for <add@ietf.org>; Tue, 16 Jul 2019 13:37:30 -0700 (PDT)
Received: by mail-io1-xd2c.google.com with SMTP id m24so42222301ioo.2 for <add@ietf.org>; Tue, 16 Jul 2019 13:37:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=loon.com; s=google; h=mime-version:references:in-reply-to:reply-to:from:date:message-id :subject:to:cc; bh=QJX5YYdzMrT0KceuWfSshSthk2g2kcoj+th26sGCs0E=; b=K3z6aX0RJw/kFtcacQq4rHdqR04His4hYX8BPYyIuCfwdYW7NNSFP5GSBv9oIgWOTO XnofX2pF2zddDqtUAo1Qvc+4JAUzl4ZFk1yW07Vz6OLit6lH/U/AP1f0ITBCwXWPsSB1 dyPT/lMnzYFYe8nAL94lc3qYZOkekYNzkCckw=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=QJX5YYdzMrT0KceuWfSshSthk2g2kcoj+th26sGCs0E=; b=BUflbyjiiVGXb+dnb9Oxfis1/43rKQ7NmwK8FNbtNT8gVVVPSkN8uteuihqy4B6CrS CTgVsqecL3elNMYkErYRpprpBDEtKVSfna3eTR9aBJ6dKSl2JoYhzyYLF/w5Jd1qzSr1 mhkIcg9lcvSa15epjcglcxmn/5q5sjYiE2pK6uO+P2R+BGDCawxhlYc/T2yk6juDQHuZ vJNSTyf9A7l+m8hGDe2CriYbQEMvZiYShjBtKXEnEWsxZfZnSQ6vaF+3MGlRvC8+OP06 c2BhuZyDLQTG2qDu3A80xNj/9OXRQopOLvq5xfJO1mFONmXvbwRD9OFR1AVLob4O5uuF /yfA==
X-Gm-Message-State: APjAAAUGyWeKH5r9hELV24LMBQNUaaoUoZnbMOm5fEBkjAcr3woIDKAd lxKxsVHT/a2lpMRtdZD5WlJXoXJp1JBjCdoO78j81A==
X-Google-Smtp-Source: APXvYqyWYlfkPXHGd68PGwAGwZObWZZCKKaPsvfQm6EP+WpyJWjBDue4O6iWX7dSFPLf1Zv0LYd/p9jAXQm97q3FhNY=
X-Received: by 2002:a6b:4f0d:: with SMTP id d13mr35234768iob.170.1563309448935; Tue, 16 Jul 2019 13:37:28 -0700 (PDT)
MIME-Version: 1.0
References: <CAChr6SwEUz9MrdRA0bnv9f-oNi0oUHkfRKjd9-o6jwhuckLXdw@mail.gmail.com> <CAFWeb9LNdT=EYVKTsYDxcBCQKoQFNShKotYtWujt4U9GA-V1mg@mail.gmail.com> <CAFWeb9+eWKSKY9O2JLn9-0+Zq7hrD48F-y+Y4T-iRaaF0vtdOA@mail.gmail.com> <A45F4F74-D6C1-435A-A52F-C2DEA82E2999@sky.uk> <CAFWeb9JVBj+Yehup5q4v9X-7XDY+02frd-04AQGL2HoSLON2qA@mail.gmail.com> <CABcZeBMY9q9vKGse1svzbvXF_dSHA+9q06j4ugDVCZP9VT1koQ@mail.gmail.com> <CAChr6Sz5Rfz=UxOYuPguSvVK2HCX2ZoA1-FytW7+EOUxN8y46Q@mail.gmail.com> <CABcZeBNB7ASu2U3ZMBZ+OOxEhbSnhDXwFN3Lsex1uzVSDv3R=Q@mail.gmail.com> <CAChr6SwEwRRX7BA6ZCeBuC93hFxbfi3d7G_3G3VA7Lm09yuneg@mail.gmail.com> <CABcZeBNa97Vb6Fw-fMhoZnMezGtm3nJODENN4=XXsz7GWxf2Cg@mail.gmail.com> <CAChr6Sxm__NroZ92v4HL_6iCa62fwYgNw9r8ZDAxCdzVwNoDGw@mail.gmail.com> <CABcZeBMxQgDZJs3BQkb7xiN6Gm=joBqLmTnHCO+TMdKQyUepOg@mail.gmail.com> <CAChr6SxN+72tY6_6tw-TeBWeYh4XQr-VRip_2LQh3Mnsk85GPw@mail.gmail.com> <CABcZeBPNevTZDXXXuRS87+YpZ8xY+Y79inW2x0AmPL2Hd9xNmQ@mail.gmail.com> <CAChr6SwYv66zuxCQv0FOjuqqsLxmVL++bK37x9G1S24XUKVgYg@mail.gmail.com> <CABcZeBOXfR0a+j0KF0FZPt=9ahNE0JsqO4=tg6Dr80TcBi895A@mail.gmail.com> <CAChr6Sz06FsM_ongo=kVgn5AO3ziawijFqBCRkmjOBXheggh2A@mail.gmail.com> <CABcZeBM99i_rrq7NM2bdkKt+N8n3R8qAPv3yUgOpSkpd69a3=Q@mail.gmail.com>
In-Reply-To: <CABcZeBM99i_rrq7NM2bdkKt+N8n3R8qAPv3yUgOpSkpd69a3=Q@mail.gmail.com>
Reply-To: ek@loon.com
From: Erik Kline <ek@loon.com>
Date: Tue, 16 Jul 2019 13:37:16 -0700
Message-ID: <CAAedzxq2rT42WYzArKmSk18ubUFKCLZds5GHFBZKqEd_wNwqfQ@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Rob Sayre <sayrer@gmail.com>, add@ietf.org, "Dixon, Hugh" <Hugh.Dixon@sky.uk>, Alec Muffett <alec.muffett@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000617b31058dd258b1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/RtcPs8ToY25692ZU9KWhUvfZudo>
Subject: Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-detection-00
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jul 2019 20:37:32 -0000
On Tue, 16 Jul 2019 at 13:24, Eric Rescorla <ekr@rtfm.com> wrote: > > > On Tue, Jul 16, 2019 at 1:17 PM Rob Sayre <sayrer@gmail.com> wrote: > >> On Tue, Jul 16, 2019 at 1:11 PM Eric Rescorla <ekr@rtfm.com> wrote: >> >>> >>>> In fairness, I'm not sure I quite follow. But, if I worked at a browser >>>> vendor, I would be worried about DoH rollout too. I think I'd gradually >>>> ratchet up the security signals in the location bar with the end result of >>>> marking sites insecure if their IP was fetched over DNS in the clear. >>>> >>> >>> Ignoring the UI question, let me push a bit on "in the clear". >>> >> >> Sure, but I don't you should ignore the UI question. Having been on the >> receiving end of a few "why is the lock broken on our site?" emails from a >> CEO, I can tell you it is really effective. >> >> >>> >>> Currently, resolvers are configured by IP address, not domain name. >>> >> >> This is true, so companies go for stuff like 1.1.1.1 and 8.8.8.8. >> > > Right, but if you're getting that out of DHCP, that doesn't help, because > you can't trust that. > > >> >>> So absent mechanisms such as TRR, how does the DNS client form a secure >>> connection to the resolver? What domain name is in the certificate and how >>> does the client learn that domain name? >>> >> >> I agree that there's a bootstrapping problem, but I don't think this >> draft helps with that. >> > > I'm not saying it does. I'm just trying to work through the entire > problem. What I'm arguing here is that absent external configuration (e.g., > DoH/TRR), there's no real way to get encrypted DNS that is secure against > active attack. > When we did the DNS-over-TLS config for Android we chose it be hostname-based, on the theory that you could bootstrap using the network-provided nameservers, DNSSEC (which, admittedly, Android didn't support), and TLS (including optional browser security measures on top, perhaps cert pinning, etc.) I couldn't see how to make it much better than that. -Ekr > > > >> thanks, >> Rob >> >> >> >>> >>> -Ekr >>> >>> >>> >>> >>>> This is distinct from choosing a DNS vendor. >>>> >>>> thanks, >>>> Rob >>>> >>>> >>>> >>>> -- > Add mailing list > Add@ietf.org > https://www.ietf.org/mailman/listinfo/add >
- [Add] draft-grover-add-policy-detection-00 Rob Sayre
- Re: [Add] draft-grover-add-policy-detection-00 Andy Grover
- Re: [Add] draft-grover-add-policy-detection-00 Rob Sayre
- Re: [Add] draft-grover-add-policy-detection-00 Eric Rescorla
- Re: [Add] draft-grover-add-policy-detection-00 Rob Sayre
- Re: [Add] draft-grover-add-policy-detection-00 Eric Rescorla
- Re: [Add] draft-grover-add-policy-detection-00 Rob Sayre
- Re: [Add] draft-grover-add-policy-detection-00 Vittorio Bertola
- Re: [Add] draft-grover-add-policy-detection-00 Alec Muffett
- Re: [Add] draft-grover-add-policy-detection-00 Alec Muffett
- Re: [Add] draft-grover-add-policy-detection-00 Alec Muffett
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Dixon, Hugh
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Dixon, Hugh
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Alec Muffett
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Vittorio Bertola
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Dixon, Hugh
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Tommy Jensen
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Michael Sinatra
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Jim Reid
- [Add] Firefox DoH behaviour Jim Reid
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Michael Sinatra
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] Firefox DoH behaviour Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Alec Muffett
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Michael Richardson
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Michael Sinatra
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: Firefox DoH behaviour Deen, Glenn (NBCUniversal)
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Paul Ebersman
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: Firefox DoH behaviour Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Barry Greene
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Jim Reid
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Stephen Farrell
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Erik Kline
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Michael Sinatra
- Re: [Add] [EXTERNAL] Re: Firefox DoH behaviour Erik Kline
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Vittorio Bertola
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… tirumal reddy
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Ted Hardie
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Neil Cook
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Stephen Farrell
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Ted Hardie
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Neil Cook
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Neil Cook
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Alec Muffett
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Neil Cook
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Eric Rescorla
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Alec Muffett
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Evan Hunt
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Paul Ebersman
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Paul Ebersman
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Brian Dickson
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Alec Muffett
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Paul Ebersman
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Ted Hardie
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Brian Dickson
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Ted Hardie
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Vittorio Bertola
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Vittorio Bertola
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Brian Dickson
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Stephen Farrell
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Alec Muffett
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Rob Sayre
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Ralf Weber
- Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-… Livingood, Jason