Re: [Add] Proposed charter and BoF request for IETF 106

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Wed, 09 October 2019 20:57 UTC

From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Paul Wouters <paul@nohats.ca>, "add@ietf.org" <add@ietf.org>
Date: Wed, 09 Oct 2019 20:56:39 +0000
Message-ID: <A47D43B9-FDC2-4497-9B11-DBE2F3AE3961@cisco.com>
References: <CALaySJLxXVuHQNfTnaeKZ_R9xtBYWfbta+A1bWcE-ZQZwd3VZg@mail.gmail.com> <CABcZeBMkAFZW9mWjw92v+OR0Fa8ed+P80yc78eY07hCpsCNY6Q@mail.gmail.com> <1556423899.28427.1570640191209@appsuite-gw2.open-xchange.com> <CABcZeBNyRDqnVL68aXny=Ht69NjahmS4zRsnYizO53M--rhM5g@mail.gmail.com> <alpine.LRH.2.21.1910091313590.2297@bofh.nohats.ca> <CAFpG3gch-mgJJMO1rEg61PhYNKeKYiJwz4NTQ3QDbEb=WNkyQw@mail.gmail.com> <D6D4836A-C426-491D-AAC4-D1F3323D6AB8@rfc1035.com> <alpine.LRH.2.21.1910091611240.11081@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1910091611240.11081@bofh.nohats.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/oMS3YkBXpb1jrEBJpe2TScSrwAg>
List-Id: Applications Doing DNS <add.ietf.org>

And BTW do not forget that in IPv6 the prominence of DHCP is close to 0 ;-)

-éric

On 09/10/2019, 22:24, "Add on behalf of Paul Wouters" <add-bounces@ietf.org on behalf of paul@nohats.ca> wrote:

    On Wed, 9 Oct 2019, Jim Reid wrote:
    
    >> On 9 Oct 2019, at 19:04, tirumal reddy <kondtir@gmail.com> wrote:
    >>
    >> DHCP is not a secure way to discover the local DoT/DoH server.
    >
    > That may well be true. However that debate belongs on another thread and maybe even another list.
    >
    > I thought we were meant to be discussing the proposed charter for a new WG and a possible BoF in Singapore. Could we please focus on that?
    
    It is relevant, because if we believe the only thing that is needed is
    a DHCP option, then we do not need to spin up a working group. In fact,
    I would expect whoever wants to spin up a new group to have done some
    preliminary work in this area so that it is clear there is a real large
    enough problem to be solved using a WG. I don't get the feeling this
    happened. What I see is people looking for a business model for "secure
    DNS" services. I don't think that business model needs protocol level
    support from the IETF (because as I stated earlier, consumer trust
    doesn't work by signed XML statements).
    
    Compare this with starting up a WG to eavesdrop on TLS 1.3 traffic.
    Look at how PATIENT hasn't seen any discussion since July 2018. We
    didn't start a WG for that either. Why should we do one on eavesdropping
    encrypted DNS?
    
    As for the "DHCP is not secure" argument. There is absolutely no
    expectation of validatable security when someone joins a random
    network. When I join a known preconfigured enterprise network, I already
    have trust anchors. When I decide to trust a personal DoH server that is
    not local, I already have the trust anchors I need as well. An insecure
    DHCP option is useful for the enterprise/parental use case, where just
    being on the network is a verifiably secure action already.
    
    Paul
    