IETF Logo Mail Archive

Re: [dns-privacy] [Fwd: [EXT] New Version Notification for draft-vandijk-dprive-ds-dot-signal-and-pin-01.txt]

Paul Wouters <paul@nohats.ca> Thu, 16 July 2020 19:29 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 084043A0A26 for <dns-privacy@ietfa.amsl.com>; Thu, 16 Jul 2020 12:29:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q6rPvA-piGrm for <dns-privacy@ietfa.amsl.com>; Thu, 16 Jul 2020 12:29:57 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9012C3A09D1 for <dns-privacy@ietf.org>; Thu, 16 Jul 2020 12:29:56 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 4B748K6wwhzFfw; Thu, 16 Jul 2020 21:29:53 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1594927793; bh=ju/JFAxMPRlxsUZCOiwl3zxkHxKCavN1EBcWSMZc2gw=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=FIboXgtLrRqpSnWm80M4vBQHTmqMrTXZxvy0bi0v4fVEvs+UzTfuLsTTdRedPUz03 lefh5zQj621tYEkM7VJ8fbD+oqBQqPEEsxI8savmdKcaGjqVscEn8tuTRv0+/zsfhc fNFz1pd9FYLR+k6zLVn4VIisJNran2nkX9rhZa0E=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id GRIdqSFyb2vF; Thu, 16 Jul 2020 21:29:51 +0200 (CEST)
Received: from bofh.nohats.ca (unknown [193.110.157.194]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Thu, 16 Jul 2020 21:29:51 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id B182A6029BA2; Thu, 16 Jul 2020 15:29:49 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id A8B44384C5; Thu, 16 Jul 2020 15:29:49 -0400 (EDT)
Date: Thu, 16 Jul 2020 15:29:49 -0400
From: Paul Wouters <paul@nohats.ca>
To: Peter van Dijk <peter.van.dijk@powerdns.com>
cc: dns-privacy@ietf.org, Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <8be56d973ff1757fb6395b5b2abdf90fe73e02ec.camel@powerdns.com>
Message-ID: <alpine.LRH.2.23.451.2007161515100.32004@bofh.nohats.ca>
References: <159463003055.14524.9899091401351118756@ietfa.amsl.com> <8be56d973ff1757fb6395b5b2abdf90fe73e02ec.camel@powerdns.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/0F6YeJ3LZutEyeUDvgGTXekcyVU>
Subject: Re: [dns-privacy] [Fwd: [EXT] New Version Notification for draft-vandijk-dprive-ds-dot-signal-and-pin-01.txt]
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jul 2020 19:29:59 -0000

On Mon, 13 Jul 2020, Peter van Dijk wrote:

> please find below revision -01 of our proposal for enabling DoT from
> resolver to authoritative.

DoT can be enabled regardless. This draft is not about enabling DoT.
It is about saving a few roundtrips getting the right keys in a trusted
method. With some caveats that go along with it.


> The value 257, meanwhile, is believed to go down with registries much easier.

What is that believe based on?

> * we added a 'Design considerations' section that explains how this
> protocol came to be, and why we did not go the TLSA route. You can
> click through to it directly via
> https://tools.ietf.org/html/draft-vandijk-dprive-ds-dot-signal-and-pin-01#section-9

It's not a good summary of the list discussion. I guess a draft isn't a
good place for that, but I don't see the concerns of me and Viktor
listed here at all.

    The biggest downside to this DS-based protocol is that a change in
    TLS keys on an auth may require DS updates for thousands or even
    hundreds of thousands of domains.  This issue is partially mitigated
    by allowing backup keys to be part of those DS sets.

I don't see how backup keys help here? If you have thousands of domains,
and one of them is unresponsble to DS updates, the auth server cannot
retire its key. With thousands of domains the change of that happening
very quickly goes to 100%. If you tell all of them to pre-publish a
backup (or really, new) key, then you are just postponing the problem
by one interation.

This solution simply cannot work at scale. At operating without scale
defeats the whole purpose of anonimity.

A much better solution is simply to use TLSA records at the nameservers.
Sure, your first domain incurs an extra RTT but that one RTT is made
back over all the domains hosted by that auth server. It leaves control
of the TLSA record where it belongs - at the owner of the Dot keypair.

A DS record can still be used to allow the child zone to make it
mandatory to use DoT or hardfail. But it does not (and should not)
have a public key embedded in it to do this.

A number of other items from our previous discussion I don't see back
here either, such as the discussion around CDS so that the client can
prevent a TLD scale size MITM DoT redirect from overruling its own
policy by the abusive parent playing its own DS DoT records against
the child's wishes. (And if I recall, you don't want to do this because
you are concerned about RTTs)

Paul



> Furthermore, we have tried to do a review of this protocol against the
> requirements of the DPRIVE phase 2 document.  You can find this review
> (which might be updated outside of revisions of this draft or the phase
> 2 draft) via
> https://github.com/PowerDNS/parent-signals-dot/tree/master/draft-vandijk-dprive-ds-dot-signal-and-pin/yardsticks
>
> We'll be presenting the draft at the IETF108 dprive session.
>
> Kind regards,
> Manu, Robin & Peter
>
> -------- Forwarded Message --------
> From: internet-drafts@ietf.org
> To: Robin Geuze <robing@transip.nl>, Peter van Dijk <
> peter.van.dijk@powerdns.com>, Emmanuel Bretelle <chantra@fb.com>
> Subject: [EXT] New Version Notification for draft-vandijk-dprive-ds-
> dot-signal-and-pin-01.txt
> Date: Mon, 13 Jul 2020 01:47:10 -0700
>
> A new version of I-D, draft-vandijk-dprive-ds-dot-signal-and-pin-01.txt
> has been successfully submitted by Peter van Dijk and posted to the
> IETF repository.
>
> Name:		draft-vandijk-dprive-ds-dot-signal-and-pin
> Revision:	01
> Title:		Signalling Authoritative DoT support in DS records, with key pinning
> Document date:	2020-07-13
> Group:		Individual Submission
> Pages:		14
> URL:            https://www.ietf.org/internet-drafts/draft-vandijk-dprive-ds-dot-signal-and-pin-01.txt
> Status:         https://datatracker.ietf.org/doc/draft-vandijk-dprive-ds-dot-signal-and-pin/
> Htmlized:       https://tools.ietf.org/html/draft-vandijk-dprive-ds-dot-signal-and-pin-01
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-vandijk-dprive-ds-dot-signal-and-pin
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-vandijk-dprive-ds-dot-signal-and-pin-01
>
> Abstract:
>   This document specifies a way to signal the usage of DoT, and the
>   pinned keys for that DoT usage, in authoritative servers.  This
>   signal lives on the parent side of delegations, in DS records.  To
>   ensure easy deployment, the signal is defined in terms of (C)DNSKEY.
>
>
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
>
>
>
> _______________________________________________
> dns-privacy mailing list
> dns-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/dns-privacy
>

v2.23.0 | Report a Bug | By Email