[dane] Alissa Cooper's No Objection on draft-ietf-dane-openpgpkey-10: (with COMMENT)
"Alissa Cooper" <alissa@cooperw.in> Wed, 20 April 2016 21:45 UTC
Return-Path: <alissa@cooperw.in>
X-Original-To: dane@ietf.org
Delivered-To: dane@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 3292C12DC7A; Wed, 20 Apr 2016 14:45:45 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Alissa Cooper <alissa@cooperw.in>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.19.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20160420214545.800.62731.idtracker@ietfa.amsl.com>
Date: Wed, 20 Apr 2016 14:45:45 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/zp00CbBb-P0jKWj8MB7xrPIQvNE>
Cc: draft-ietf-dane-openpgpkey@ietf.org, dane-chairs@ietf.org, dane@ietf.org
Subject: [dane] Alissa Cooper's No Objection on draft-ietf-dane-openpgpkey-10: (with COMMENT)
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.17
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Apr 2016 21:45:45 -0000
Alissa Cooper has entered the following ballot position for draft-ietf-dane-openpgpkey-10: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-dane-openpgpkey/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- I know there has been a lot of list discussion of this draft so I apologize if these issues have already been discussed before. I think if this sees any sizable deployment, it will be trivial for attackers to use it to harvest email addresses from the DNS. Section 7.4 therefore seems to be quite misleading. I don't see why a zone walk is necessary to do this kind of harvesting when an attacker could just send one query per entry in its dictionary. I think it would be more accurate to say that by using this mechanism, people are effectively making their email addresses public. I also think the mechanism could facilitate pervasive monitoring as described in RFC 7258, as it potentially makes a whole class of entities (resolvers) into repositories of detailed data about who has communicated with whom via email. To the extent that large DNS providers keep logs about individual queries, it seems like those logs could become prime attack targets. The mechanism specified here can obviously help mitigate pervasive monitoring in other ways, but I think the draft needs to be up front about the trade-offs between potentially exposing metadata to a wider pool of entities and attackers in exchange for more easily being able to protect content.
- [dane] Alissa Cooper's No Objection on draft-ietf… Alissa Cooper
- Re: [dane] Alissa Cooper's No Objection on draft-… John Levine
- Re: [dane] Alissa Cooper's No Objection on draft-… Paul Wouters
- Re: [dane] Alissa Cooper's No Objection on draft-… Stephen Farrell