IETF Logo Mail Archive

Re: [dns-privacy] [Last-Call] last call review of draft-ietf-dprive-rfc7626-bis-03

Eric Rescorla <ekr@rtfm.com> Thu, 09 January 2020 18:30 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CEFB1202DD for <dns-privacy@ietfa.amsl.com>; Thu, 9 Jan 2020 10:30:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A5_mdHdR80vS for <dns-privacy@ietfa.amsl.com>; Thu, 9 Jan 2020 10:30:08 -0800 (PST)
Received: from mail-lj1-x229.google.com (mail-lj1-x229.google.com [IPv6:2a00:1450:4864:20::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EFCD3120822 for <dns-privacy@ietf.org>; Thu, 9 Jan 2020 10:30:07 -0800 (PST)
Received: by mail-lj1-x229.google.com with SMTP id o13so8312278ljg.4 for <dns-privacy@ietf.org>; Thu, 09 Jan 2020 10:30:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RNEHPOl37n8uq9NJyD6VdfNxwp7FZ4wlarI8/R85tGc=; b=xB+aeFbiBFTJmgINV81gSFmfhGqwokp1STOJOh+eB0lvQgE4oJWWn45YepcI9wQbTo eEm3MevyxZw/IMqchvMAe/KpuqSYd7BipqxnVAbK1l9FP0m+26tZbtSNzkFJCaOJvJE3 z91jBDN0H4ZRwq0KWwYBTdYC8e5z2QEa9j7luoRlivRWV6IbaOw5ZeCCSP45NeD3lgPP wiZVBhhqh7eO3uJWttmYRPALZBrNAG0oDxqlpHCLwidcHZNFG3pYbl53BT6sC64A0kIj Ogmdf/PF9dDu698sHfhLjf+xEnwqHi0EBCRDH7vwSkGPpxugQIcDhKDDpKkAp9zHy+Yw Cy0A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RNEHPOl37n8uq9NJyD6VdfNxwp7FZ4wlarI8/R85tGc=; b=GfxYLe5K+NKotIl2ad+lDFt4GtsK4UDDU+kNd7FASiEN+CLC7EoyJw5p0wGhA15dCf QRSpVlifjnKIq6uNUDd975OM9dPa9AUzu6A0TYF58Y8z2kWwoHgMObh11DuM0yOe/qqT udcWlUAgW+Pl8cREzx2cXf+NyPtzGILfA0N1JMtJgn726ohuKEkJhc5f3gxm0EBFSU3r 1nAKmKP9mqau55rquUM9QUqjtohdsSI5lcvFz4bvJAzNF5mQIMwU8y+mtC2RnR8yN5+F CC8nFA4ZjXtW5VkE1y7P1ecHdGKEB9RsNQsCWFHxntvlvZAvyP+UucUjUq/d/bMF8s7g LdUA==
X-Gm-Message-State: APjAAAWvoR9cYJ9IJm+AyK7xzuRMAhbOsYKJYOsK8wzW9CiQ2yk5Sqqo 65kUcwIWHsNEsn+skU0iA+WV0IEDqmnfd0+qySqJjA==
X-Google-Smtp-Source: APXvYqyBAissVTlh1r8x2Am9bXBjdQvFWD/sgzMW8ym4RRQJXHn/+bF7evTwNoDKEiEqnULWaQdGUh17NKe+CTg6X1Y=
X-Received: by 2002:a2e:88c5:: with SMTP id a5mr7555542ljk.201.1578594606214; Thu, 09 Jan 2020 10:30:06 -0800 (PST)
MIME-Version: 1.0
References: <157504194893.4871.5551746255324168227@ietfa.amsl.com> <208AD30F-1213-4784-81FC-4AB76730CEC2@sinodun.com> <a02720cf-01b3-d61a-94d2-b3d0a399f107@cs.tcd.ie> <20191223220509.GK35479@kduck.mit.edu> <CAChr6SyAhA8V7AQHC67vTEmHWgd+gMzM-ZtFTkBDUhsvVQEC8A@mail.gmail.com> <614B534F-D62D-432C-A3E5-A01D9BF972AA@sinodun.com> <CAChr6SzbtzYPa8D6yFv+f74==6JFQtM+BVyPKR8NAiBG0p-icQ@mail.gmail.com> <187F7041-9537-4767-A824-DA8103356570@sinodun.com>
In-Reply-To: <187F7041-9537-4767-A824-DA8103356570@sinodun.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 09 Jan 2020 10:29:29 -0800
Message-ID: <CABcZeBNscStJzpqZfmjstLFYtuvfKc2TMicK6xbag=DbztafCQ@mail.gmail.com>
To: Sara Dickinson <sara@sinodun.com>
Cc: Rob Sayre <sayrer@gmail.com>, last-call@ietf.org, DNS Privacy Working Group <dns-privacy@ietf.org>, draft-ietf-dprive-rfc7626-bis.all@ietf.org
Content-Type: multipart/alternative; boundary="000000000000bf817f059bb93238"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/3IE6auaB436fGB6e1P37R3PYIC0>
Subject: Re: [dns-privacy] [Last-Call] last call review of draft-ietf-dprive-rfc7626-bis-03
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jan 2020 18:30:14 -0000

On Thu, Jan 9, 2020 at 10:02 AM Sara Dickinson <sara@sinodun.com> wrote:

>
>
> On 7 Jan 2020, at 22:08, Rob Sayre <sayrer@gmail.com> wrote:
>
> On Tue, Jan 7, 2020 at 10:35 AM Sara Dickinson <sara@sinodun.com> wrote:
>
>>
>> >
>> > Secondly, I found the entire section "3.5.1.5.2.  DoH Specific
>> Considerations" to be objectionable, and recommend removing it. It mentions
>> many concerns that are better covered in RFC 8484 and/or HTTP RFCs, and
>> contrasts DoH with DoT in ways that are specious. Both TLS and HTTP allow
>> extension fields and metadata, so there's nothing unique to DoH here
>> (source: I've implemented DoH and ESNI clients). The entire section amounts
>> to a description of fields that privacy conscious DoH clients /might/ send
>> if they were poorly implemented. But it seems strange to stop there..
>> Implementation quality ratholes can go on for a while: for example, the
>> document doesn't mention the numerous problems with today's TLS, PKI, and
>> BGP infrastructure that apply to both DoT and DoH.
>>
>> As mentioned since this document is an analysis of the privacy
>> considerations of actually _using_ DNS (not just the protocol definitions)
>> then privacy considerations raised by poor implementations seem entirely in
>> scope. The document does also discuss such issues with TLS,
>
>
> The document contains the text:
>
>   "DoT, for example, would normally contain no client identifiers above
>    the TLS layer and a resolver would see only a stream of DNS query
>    payloads originating within one or more connections from a client IP
>    address.  Whereas if DoH clients commonly include several headers in
>    a DNS message'
>
> Doesn't this just mean "if the DoT client is a good implementation, and
> the DoH client is not...” ?
>
>
> It means a standards compliant DoT implementation will have no client
> identifiers, a standards compliant DoH implementation is free to (and
> likely) to include them.
>

[Citation needed]

-Ekr


>
> I think the Section 8.2 of RFC8484 states this problem better. Why do we
> need this section?
>
> https://tools.ietf.org/html/rfc8484#section-8.2
>
>
> As others have mentioned - this document gives an overall discussion of
> privacy across all DNS protocols, RFC8484 is focussed on the DoH specific
> aspects.
>
>
>
>
>> ones with PKI and PGP are clearly out of scope for this document.
>>
>
> I didn't mention PGP--I was talking about misrouting (BGP). I disagree
> that they are out of scope. Most of the larger TLS use cases rely on PKI.
>
>
> I meant BGP - it was a typo.  Section 2 currently states:
>
> “The privacy risks associated with the use of other protocols, e.g.,
>    unencrypted TLS SNI extensions or HTTPS destination IP address
>    fingerprinting are not considered here.”
>
> Sara.
>
>
> _______________________________________________
> dns-privacy mailing list
> dns-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/dns-privacy
>

v2.23.0 | Report a Bug | By Email