IETF Logo Mail Archive

Re: [dane] [openpgp] The DANE draft

Patrik Löhr <patrik.loehr@posteo.de> Wed, 05 August 2015 16:35 UTC

Return-Path: <patrik.loehr@posteo.de>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32F8E1A1BEF for <dane@ietfa.amsl.com>; Wed, 5 Aug 2015 09:35:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.961
X-Spam-Level:
X-Spam-Status: No, score=-1.961 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZHHe3T12SUjI for <dane@ietfa.amsl.com>; Wed, 5 Aug 2015 09:35:22 -0700 (PDT)
Received: from mx02.posteo.de (mx02.posteo.de [89.146.194.165]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2B1D1A1E0B for <dane@ietf.org>; Wed, 5 Aug 2015 09:35:21 -0700 (PDT)
Received: from dovecot04.posteo.de (unknown [185.67.36.27]) by mx02.posteo.de (Postfix) with ESMTPS id BE88D25B8E75; Wed, 5 Aug 2015 18:35:16 +0200 (CEST)
Received: from mail.posteo.de (localhost [127.0.0.1]) by dovecot04.posteo.de (Postfix) with ESMTPSA id 3mmdpq4Qc4zFpVk; Wed, 5 Aug 2015 18:35:15 +0200 (CEST)
Message-ID: <55C23B3D.1030502@posteo.de>
Date: Wed, 05 Aug 2015 18:35:09 +0200
From: Patrik Löhr <patrik.loehr@posteo.de>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: dane@ietf.org, paul.hoffman@vpnc.org, paul@nohats.ca, stephen.farrell@cs.tcd.ie
References: <CAMm+LwhYdBLXM8Td8q8SCnzgwywRgMx3wNKeS_Q0JSN4Lh7rZQ@mail.gmail.com> <87bnf1hair.fsf@alice.fifthhorseman.net> <alpine.LFD.2.11.1507250832510.854@bofh.nohats.ca> <87bnem2xjq.fsf@alice.fifthhorseman.net> <alpine.LFD.2.11.1508050331340.1451@bofh.nohats.ca> <55C1F35A.5070904@cs.tcd.ie> <B7419740-25C9-4F8D-85AE-FC6E11BCC038@vpnc.org> <55C22AD4.5010709@cs.tcd.ie> <DB1E53C6-11DF-4194-852D-776B670E2409@vpnc.org>
In-Reply-To: <DB1E53C6-11DF-4194-852D-776B670E2409@vpnc.org>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/FOjUA08HMf-LCJ1t0AnOztPOOME>
Subject: Re: [dane] [openpgp] The DANE draft
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Aug 2015 16:35:34 -0000

Hi Paul,

that's the point - we are concerned with on-path watchers.
That is why we are in strong favour of hashing like i already stated:
Hashing does not protect against "decryption" - but it makes a distinct
difference whether I need to make a targeted attack on a hash, or can
arbitrarily search through the plaintext in a stream of data.

Best
Patrik

Am 05.08.2015 um 17:55 schrieb Paul Hoffman:
> On 5 Aug 2015, at 8:25, Stephen Farrell wrote:
> 
>> On 05/08/15 16:12, Paul Hoffman wrote:
>>> Wearing my author hat: I don't care between b32 and hashing. Both are
>>> equally easy to document. However:
>>>
>>> On 5 Aug 2015, at 4:28, Stephen Farrell wrote:
>>>
>>>> So sorry to continue an argument but shouldn't this experiment be
>>>> a more conservative about privacy just in case it ends up wildly
>>>> successful?
>>>
>>> How is using the hash more conservative about privacy, except in zones
>>> that are signed with NSEC instead of the more common NSEC3? If you
>>> assume zones signed with NSEC3, both options are equally susceptible to
>>> dictionary-based guessing attacks, given that the effort to create
>>> search dictionaries for the billion of common LHS names is pretty low
>>> even for hashes.
>>
>> Tempora. That on-path attacker has a far easier time reversing the
>> b32 than anything based on the hash. Even with DPRIVE, we don't know
>> how to handle the recursive to authoritative part.
> 
> Thanks, I was only thinking of off-path attackers.
> 
> I agree that, if we are concerned with on-path watchers, hashes would
> preserve much more privacy than Base32 encodings.
> 
> --Paul Hoffman
> 
> _______________________________________________
> dane mailing list
> dane@ietf.org
> https://www.ietf.org/mailman/listinfo/dane

-- 
Patrik Löhr

Posteo e.K.
Methfesselstr. 38
10965 Berlin

tel. +49 30 85074618
mail <patrik.loehr@posteo.de>
web <https://posteo.de>

USt-IdNr.: DE186713958
Handelsregister: Berlin-Charlottenburg · HRA 47592 B

v2.23.0 | Report a Bug | By Email