IETF Logo Mail Archive

Re: [Add] Fwd: New Version Notification for draft-mglt-abcd-doh-privacy-analysis-00.txt

Daniel Migault <daniel.migault@ericsson.com> Thu, 07 November 2019 18:23 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2664612087B for <add@ietfa.amsl.com>; Thu, 7 Nov 2019 10:23:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.566
X-Spam-Level:
X-Spam-Status: No, score=-1.566 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.082, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DR93ZnxqvaCY for <add@ietfa.amsl.com>; Thu, 7 Nov 2019 10:23:03 -0800 (PST)
Received: from mail-vs1-f54.google.com (mail-vs1-f54.google.com [209.85.217.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 981321200B9 for <add@ietf.org>; Thu, 7 Nov 2019 10:23:03 -0800 (PST)
Received: by mail-vs1-f54.google.com with SMTP id l5so1932953vsh.12 for <add@ietf.org>; Thu, 07 Nov 2019 10:23:03 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=K2JRydQhcvT1EyQ8OCTdfeOZZHYB8GZjuP1lPgGMylg=; b=Myi7ByIsCqIudRBjdlfI6E/RC4WKwoq6rWgNtgXfup+uBrCxaiEaxX5WnrQUkYwxxD g3//veai9EilfRXmxTOfweN7mBTEhHKoKNk2fouj//98+k1YDhxghEyBKdmURiB3pjnA FlRcsmmbgYIC9EqQCV2kye6Z9USx6bdC3DHnMA9Ise3MRJez2IbKpC+8+WuoAaPpyVPV f4f8TvtZSaClUH2wFiCKf6isOlIA0ZvWe0bqzQW72JT7vx1xV0WPxTyHQdHob03TkNXI ucmKpN+mrArnAOae5FYDtAZa5ABVHzjtwByBOSzhZAt6Uy9mAFywTbawhmNNEZzLfAug c0mw==
X-Gm-Message-State: APjAAAX3P9q6NG7M1KNvaABg2W2R4xVYP8Li5ozLVJTutdI7q67+V4Qr vEtba/yq7zBSFg0J/o9+iHgpUlNFYIO1VhBHKdLH/0CK
X-Google-Smtp-Source: APXvYqwlr347Mx3tGQQvy4PBmO95A7mCQ66LQPUiUM+JS43OjbIq147uH5WM6HsIfWl4CXYJAnL7saCXQ5gdZD+ZsQU=
X-Received: by 2002:a67:e2d7:: with SMTP id i23mr3692638vsm.31.1573150982601; Thu, 07 Nov 2019 10:23:02 -0800 (PST)
MIME-Version: 1.0
References: <157288444149.16545.17250458995529707952.idtracker@ietfa.amsl.com> <CADZyTk=5g7toa5QwaQ9tCO1d2iJ1-pF9W6RzOEi9MjrsnyLsFw@mail.gmail.com> <2f52a096-ae14-a9f8-1dbf-8931e3204ec7@cs.tcd.ie> <SN2PR00MB0077009FBBB40FB2B3DD9B35FA790@SN2PR00MB0077.namprd00.prod.outlook.com> <CA+nkc8Aw+PPktomjwydWtfvVyM6Phhn9YbL33WV65-sbS0k1AA@mail.gmail.com> <1030648680.29401.1573073455702@appsuite-gw1.open-xchange.com> <3ef66a79-3b18-8f42-b21a-653c4e19a9cc@huitema.net>
In-Reply-To: <3ef66a79-3b18-8f42-b21a-653c4e19a9cc@huitema.net>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Thu, 07 Nov 2019 13:22:51 -0500
Message-ID: <CADZyTkk2t7_VNPzoUUQdErFcyj74pT9Hry+ut92hViJ7_7Rw4A@mail.gmail.com>
To: Christian Huitema <huitema@huitema.net>
Cc: Vittorio Bertola <vittorio.bertola@open-xchange.com>, Bob Harold <rharolde@umich.edu>, "add@ietf.org" <add@ietf.org>, Daniel Migault <daniel.migault=40ericsson.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007f01560596c5c173"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/S-KJ1KNd4kraPB_OcuAj0hO9GaU>
Subject: Re: [Add] Fwd: New Version Notification for draft-mglt-abcd-doh-privacy-analysis-00.txt
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Nov 2019 18:23:05 -0000

Hi  Christian,

Thank you for taking time to review the draft. The current version of the
draft does not consider active attacks. It does not either analyse how
additional privacy can be leveraged from esni. These will be included in
the next version. Thank you for the feed back, that is very well
appreciated.

Yours,
Daniel



On Wed, Nov 6, 2019 at 6:37 PM Christian Huitema <huitema@huitema.net>
wrote:

> On 11/6/2019 12:50 PM, Vittorio Bertola wrote:
>
> > Regarding Daniel's draft, I appreciate the effort and I partly tried
> > to do this and other analyses in my draft for Prague, but I then
> > realized that there are people here that will never consent to such a
> > document becoming an agreed standard, even if informational. So I
> > suggest that we should focus on a few technical developments for
> > interoperability purposes that we can agree upon, such as standardized
> > ways for the local network to advertise their own Do* service and
> > their use of it for local policy enforcement, and give up discussions
> > on deployment models and human rights assessments. I don't think we
> > could ever get to agreement here on whether DoH brings more privacy
> > and freedom or less of it, as the answer is really "it depends".
>
>
> Daniel's draft is certainly biased towards Daniel's opinions. For
> example, I don't buy his assertion that replacing the OS defaults by app
> decisions is always unfriendly to privacy. It is very easy to find
> counter-examples. But there are a couple of facts that we should
> acknowledge:
>
> 1) In general, the local network can retrieve the name of the server by
> looking at the traffic. This is obvious when the communication happens
> in clear text. It is also true if the traffic is encrypted using TLS
> versions 1.2 or lower, because the server certificate is carried in
> plain text. And it is still true if using TLS 1.3 but the SNI is not
> encrypted.
>
> 2) Because of that, in general, sending the DNS request to a third party
> resolver can only result in a loss of privacy. Even if the third party
> resolver has a virtuous approach to privacy, the fact remains that in
> general information that was present in just one place is now present in
> two, and that cannot be described as a gain.
>
> 3) But of course there are exceptions to this general rule, specifically
> when the traffic uses TLS 1.3 and ESNI. That's where Daniel's draft is a
> bit weak. It develops the arguments (1) and (2), but stops there and
> does not recognize the exceptions.
>
> One first exception happens when the DNS requests to the local resolver
> are not encrypted. This does not create a privacy leak against passive
> attackers, because the passive attacker that sees the DNS traffic most
> likely also sees the data traffic, as discussed in (1). However,
> encryption also protects against active attacks in which the attacker
> sends spoofed DNS responses. Using a third party encrypted server in
> this scenario is a trade-off between security and slightly worse privacy
> (point 2).
>
> Another exception happens when the traffic uses TLS 1.3 and ESNI. In
> that case, traffic analysis only reveals a communication with the
> fronting server, while DNS queries reveal the hidden server. Resolving
> the ESNI record through a trusted third party resolver will hide the
> hidden service name from the local network, and that is indeed a gain in
> privacy.
>
> It is possible to extend this privacy advantage in two ways:
>
> 1) The client could obtain the ESNI record (or equivalent HTTPSVC
> record) through other paths than the DNS, e.g. during prior connections
> with the hidden service.
>
> 2) If the client has cached the content of the ESNI record (or
> equivalent HTTPSVC record), it knows in advance the name of the fronting
> server. If the client has not also cached the address, it will get
> better privacy by looking up the fronting server name through the local
> resolver. That will prevent providing the third party service with
> information about timing of connections from the client.
>
> -- Christian Huitema
>
> --
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add
>

v2.23.0 | Report a Bug | By Email