IETF Logo Mail Archive

Re: [Add] [EXTERNAL] Re: ADD Requirements Draft

tirumal reddy <kondtir@gmail.com> Thu, 03 September 2020 10:10 UTC

Return-Path: <kondtir@gmail.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F9EC3A0DEF for <add@ietfa.amsl.com>; Thu, 3 Sep 2020 03:10:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QylyoYFc1b64 for <add@ietfa.amsl.com>; Thu, 3 Sep 2020 03:10:50 -0700 (PDT)
Received: from mail-io1-xd30.google.com (mail-io1-xd30.google.com [IPv6:2607:f8b0:4864:20::d30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AD9B3A0DEA for <add@ietf.org>; Thu, 3 Sep 2020 03:10:50 -0700 (PDT)
Received: by mail-io1-xd30.google.com with SMTP id r9so2101590ioa.2 for <add@ietf.org>; Thu, 03 Sep 2020 03:10:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=U5O38TZq2IuLB/nDGRDZwqPKIKSiuNcwszj9iU8jFCM=; b=PnbcR1G3bAOjC8h7M6cZglMMTvHVpptdFCX2PL6WLsDXoOVg0ExO3fWsUtW2ipO7+M 3CQ9f2fp8lrHeF9XciixsWThfsRpvltqpqfBm9AVoQexXZiegl3eTXsqALlqpYuUrQii 2jylZEPSIsPkdqBQVr9WQDP2+hOVqmSbdcZcqE1hGwWJUYXnEaJkHmKwwfkq/sNzJYRT GdajEMEM/AkPvQP2rr4evEhdKxAjcvUokvvBKuu9g/MwBv9Vk8+NlkunkWas9lWt6lnu rir3u7HOHpN/VxJh/CGJhWgcWBykULNgk750+nnKS/3/TKU1pazvt4iFpr1UiL6WpmVy VS+g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=U5O38TZq2IuLB/nDGRDZwqPKIKSiuNcwszj9iU8jFCM=; b=HV6umtM7cWRqywGKN0kA0XTa2a2fCuGTvF6+Vb3Mw2lxdFodkrGn0EANpqjDaw+D7C kkfrAEuYMXGh+pjQkhKctbZ7NODSf2ds05pIwHpIvn7CsexWy3cbl9Ziz7cKSj/YVhQm mEKuI4OILoJPcyJwKbrXmq2Vdc5FrC1suEHj7g6gHYkKPULC7qwNwUqSVwcI9kK2GsEK QaTQwYnNAfB4CDf2Y84nIUVMpYeqjRXwFGq41XBEPmQugjkXc866Y/1POiKbBbYx38Dn F8TcphNXiq4dBYb4FfyxwEuNgm6MPqVCvRbiWvDpum78M2r/GOG0mx03YxSByTSdZrSX Ry9g==
X-Gm-Message-State: AOAM532Fnzq7+utN2NINfMmtGg5MYA8HSrnah9S1dDdTOGrfZypzEox0 5Pw4FpNrOv0vm6dApApeIcCBBA9mrh64DTjBTfA=
X-Google-Smtp-Source: ABdhPJw56q3zP2Dt5uNZzZ9NnlIrdrJb+Pl2wtmSl7NLlvGt7YodMycWY8ihjlQvygJEZgeb93+NxhyNC4QFNQ18/KM=
X-Received: by 2002:a6b:8b8c:: with SMTP id n134mr2441143iod.204.1599127849830; Thu, 03 Sep 2020 03:10:49 -0700 (PDT)
MIME-Version: 1.0
References: <31194C90-6C0B-470C-8B14-79C12D2C5C0D@comcast.com> <CACJ6M14gXmEHc_fX8=GpKwRDn6C=R7LR06JG_Qg-cWR5agU9Hw@mail.gmail.com> <391E15D2-9208-4BA9-B01E-3673982DA6CE@apple.com> <CABcZeBMXvcF6PJWE+EkGVx1c9RXzO1XuB3xhrVKUJvUb=aus8A@mail.gmail.com> <4cd8a8c6-3516-4ad6-877c-9460d8096773@www.fastmail.com> <CAFpG3gfkrKGiuPRH1QvH+-w2H=N1ijtDpk5Oh=D2JOp-L4Q1+w@mail.gmail.com> <CABcZeBNhHcNAkVm=PNUvV8_vGVvDvJbaMVHB_w9zu63+ebQwpQ@mail.gmail.com> <CAFpG3gcAjHkh7boDwLq+sHpGtfB2WT0NbuuFqqBQs2M6BZkAOQ@mail.gmail.com> <CABcZeBMi-B7LKB6ipt6vLSZcF9OMLga8f+qydpZVOhOGQrttuQ@mail.gmail.com> <CAFpG3geQefT0=fN-6UFwDqLLqbb1XthHA=np4HPS2NfSO77csA@mail.gmail.com> <CABcZeBPmfe8Um38xFHoxw+26-YQxFUPN+p4aW9uzbPKGy1xz4g@mail.gmail.com> <CAFpG3gefyTcibzfQ-dzXKv5fKE=vwUktux0dz25wNL7_+tf7MA@mail.gmail.com> <CABcZeBMVcH74RYXZrLRNtHLi-xZgGxRHA2CsH6nbiz+5uGM32g@mail.gmail.com> <DM6PR00MB0783D4A658BE3BA8EBD6533BFA2E1@DM6PR00MB0783.namprd00.prod.outlook.com> <07B4108E-07BC-4755-96FB-31D43DCDC19C@apple.com>
In-Reply-To: <07B4108E-07BC-4755-96FB-31D43DCDC19C@apple.com>
From: tirumal reddy <kondtir@gmail.com>
Date: Thu, 03 Sep 2020 15:40:38 +0530
Message-ID: <CAFpG3geue3Vv+vmWPJSX0Uk7w=o6j56oUfbpNZa6tmDD7Sf9Mw@mail.gmail.com>
To: Tommy Pauly <tpauly@apple.com>
Cc: Tommy Jensen <Jensen.Thomas=40microsoft.com@dmarc.ietf.org>, Eric Rescorla <ekr@rtfm.com>, ADD Mailing list <add@ietf.org>, Christopher Wood <caw@heapingbits.net>
Content-Type: multipart/alternative; boundary="000000000000708b5005ae65f7d1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/v78KQU6peLCJmJvgGLDr_ktUKrQ>
Subject: Re: [Add] [EXTERNAL] Re: ADD Requirements Draft
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Sep 2020 10:10:54 -0000

On Wed, 2 Sep 2020 at 01:27, Tommy Pauly <tpauly@apple.com> wrote:

> Agreed. From my perspective as a client vendor, I don’t see a likely path
> to consuming this kind of policy. This is one of the reasons I’ve argued
> that we should have in our requirements a limitation that the entity that
> provides DNS should be one that the client already has a relationship
> with—we don’t need any new explanation of policy, we’re relying on existing
> relationships.
>

Existing relationships are definitely useful in certain scenarios but not
in all. For example:

a) I don't think it is possible for every ISP and Enterprise network in the
world to approach each and every Browser and OS vendor to be pre-configured
with network provided encrypted DNS servers.

b) Secure discovery most likely avoids the need to have the discovered DNS
server pre-configured in OS/Browser. However, as we all know secure
discovery is not possible in some deployments. If the discovered server is
not pre-configured, client/user needs to know the resolver information of
the discovered server. In case of insecure discovery, the client should
have checks to avoid connecting to an encrypted DNS server hosted by an
attacker.

Cheers,
-Tiru


>
> Thanks,
> Tommy (Pauly)
>
> On Sep 1, 2020, at 10:11 AM, Tommy Jensen <
> Jensen.Thomas=40microsoft.com@dmarc.ietf.org> wrote:
>
> ekr> Taking a step back here: is there any client with significant usage
> that would be interested in consuming this kind of policy when published by
> a resolver?
>
> Speaking for myself: no. The user either understands the implications and
> has pre-configured a resolver of their choice, or they don't and expect DNS
> to just work. Until DNS server choice is an everyday user concept akin to
> music streaming app choice (or at least wireless network choice), that will
> continue to be the case.
>
> Thanks,
> Tommy
>
> ------------------------------
> *From:* Add <add-bounces@ietf.org> on behalf of Eric Rescorla <
> ekr@rtfm.com>
> *Sent:* Tuesday, September 1, 2020 9:46 AM
> *To:* tirumal reddy <kondtir@gmail.com>
> *Cc:* ADD Mailing list <add@ietf.org>; Christopher Wood <
> caw@heapingbits.net>
> *Subject:* [EXTERNAL] Re: [Add] ADD Requirements Draft
>
>
>
> On Tue, Sep 1, 2020 at 4:10 AM tirumal reddy <kondtir@gmail.com> wrote:
>
> Hi Eric,
>
> Please see inline
>
> On Fri, 28 Aug 2020 at 19:08, Eric Rescorla <ekr@rtfm.com> wrote:
>
>
>
> On Fri, Aug 28, 2020 at 12:35 AM tirumal reddy <kondtir@gmail.com> wrote:
>
> On Thu, 27 Aug 2020 at 18:46, Eric Rescorla <ekr@rtfm.com> wrote:
>
>
>
> On Wed, Aug 26, 2020 at 10:15 PM tirumal reddy <kondtir@gmail.com> wrote:
>
> Hi Eric,
>
> Please see inline
>
> On Wed, 26 Aug 2020 at 16:50, Eric Rescorla <ekr@rtfm.com> wrote:
>
>
>
> As I said when you first proposed this in an ADD meeting, I do not believe
> that anything of this kind is viable.
>
>
> 1. Certificates tied to a legal entity have not been effective, which is
> why browsers are removing EV.
>
>
> The draft does not propose using EV certificates for encrypted DNS
> servers, please see
> https://tools.ietf.org/html/draft-reddy-add-server-policy-selection-05#section-4
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-reddy-add-server-policy-selection-05%23section-4&data=02%7C01%7CJensen.Thomas%40microsoft.com%7C4f39107a43f8461cc8c808d84e96ac6c%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637345757215760305&sdata=zwTj9VSEumHDnBDlWRQySYQf2lljLOE7aG%2FcNJKWx%2Bk%3D&reserved=0> for
> more details.
>
>
> It proposes something similar, which I expect to have the same drawbacks.
>
>
> 2. There is ample evidence that users do not read privacy policies.
>
>
> The DNS server privacy statement is much more simpler compared to a
> typical privacy statement by a
> content service provider (see
> https://tools.ietf.org/html/draft-ietf-dprive-bcp-op-14#section-6
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-dprive-bcp-op-14%23section-6&data=02%7C01%7CJensen.Thomas%40microsoft.com%7C4f39107a43f8461cc8c808d84e96ac6c%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637345757215770297&sdata=Aon0Ne%2FXFeIqNAPGMS5g0t%2FpPaqrg9bs3OTDJzK3wn8%3D&reserved=0>
> ).
>
>
> I don't think that makes it significantly more likely that people will
> read it.
>
>
> Further, automated analysis of a privacy statement is possible using deep
> learning (https://pribot.org/files/Polisis_USENIX_Security_Paper.pdf
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpribot.org%2Ffiles%2FPolisis_USENIX_Security_Paper.pdf&data=02%7C01%7CJensen.Thomas%40microsoft.com%7C4f39107a43f8461cc8c808d84e96ac6c%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637345757215770297&sdata=btIZBlgmsG2b9zCE6pSjQt7q%2FteV6HVT8fakqd08sWQ%3D&reserved=0>).
> You can explore polisis and pritbot at https://pribot.org
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpribot.org%2F&data=02%7C01%7CJensen.Thomas%40microsoft.com%7C4f39107a43f8461cc8c808d84e96ac6c%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637345757215780290&sdata=DluH1rTl9DL%2Blcmt0nb5jhy9H6i1QyJwGJhBkT3x%2FoM%3D&reserved=0> to
> explore the analysis of privacy statements by several organizations..
>
>
> I took a quick look at this tool and while it appears to be interesting
> work, it does not produce output which I think is likely for users to
> actually assimilate. For instance here is what it does with McAfee's policy:
>
> https://pribot.org/polisis/?company_url=mcafee.com&_id=59d8f9c4e3dd0c4e24555c1d&category=first-party-collection-use
> <https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpribot.org%2Fpolisis%2F%3Fcompany_url%3Dmcafee.com%26_id%3D59d8f9c4e3dd0c4e24555c1d%26category%3Dfirst-party-collection-use&data=02%7C01%7CJensen.Thomas%40microsoft.com%7C4f39107a43f8461cc8c808d84e96ac6c%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637345757215780290&sdata=gL%2BUOJ3dykOrd316WbZH5HpswalaWAKHscWQspcHM7w%3D&reserved=0>
>
> We've already run this experiment of machine readable privacy policies
> once with P3P and I don't see a reason to think this will be any different
>
> Taking a step back here: is there any client with significant usage that
> would be interested in consuming this kind of policy when published by a
> resolver? If so, I'd like to hear from them about their needs. If not, it
> doesn't seem worth discussing further.
>
> -Ekr
>
> --
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add
>
>
>

v2.23.0 | Report a Bug | By Email