[dns-privacy] DNS Privacy requirements and PRIVATE-DNS
Phillip Hallam-Baker <hallam@gmail.com> Fri, 21 March 2014 21:16 UTC
Date: Fri, 21 Mar 2014 17:16:06 -0400
Message-ID: <CAMm+Lwi2k2qY_+=CVAPyVCBG7Sc0-ME0W=UoPs7qm09TU-YpMw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: dns-privacy@ietf.org
Archived-At: http://mailarchive.ietf.org/arch/msg/dns-privacy/5IsVXwUI0PQsjMtVXZTMDlIx6aA

I have a first cut of a use cases and requirements draft. It also contains a description of my proposed solution.

http://www.ietf.org/id/draft-hallambaker-dnse-00.txt

I have not gone through and audited the proposal against the requirements, but I am pretty sure it meets them all.

The key is the division of the problem between the service connection service and the query hosts. If we divide up the problem that way so that the two are independent services that can be implemented separately if desired, I have enough flexibility to meet pretty much any set of requirements people want to throw at it. And none of the consequences show through the query host part.

So looking at the way this might deploy on a service like dnsbycomodo.com, the DNS publication constellation does not need to be affected very much. All I need to do is to rack up some Service Connection hosts that can handle the new work.

I have to deploy the new message encapsulation format for the query hosts, but that just means doing a few simple symmetric crypto steps on each request. I don't think it's going to affect the server load at all.

--
Website: http://hallambaker.com/