IETF Logo Mail Archive

Re: [dns-privacy] [internet-drafts@ietf.org: I-D Action: draft-bortzmeyer-dprive-step-2-00.txt]

Shane Kerr <shane@time-travellers.org> Wed, 03 August 2016 13:28 UTC

Return-Path: <shane@time-travellers.org>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDFD612D1A1 for <dns-privacy@ietfa.amsl.com>; Wed, 3 Aug 2016 06:28:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hlHsSIQ8Sv82 for <dns-privacy@ietfa.amsl.com>; Wed, 3 Aug 2016 06:28:18 -0700 (PDT)
Received: from time-travellers.nl.eu.org (c.time-travellers.nl.eu.org [IPv6:2a02:2770::21a:4aff:fea3:eeaa]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C58612DC51 for <dns-privacy@ietf.org>; Wed, 3 Aug 2016 06:26:12 -0700 (PDT)
Received: from [2001:470:78c8:2:224:9bff:fe13:3a9c] (helo=pallas.home.time-travellers.org) by time-travellers.nl.eu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from <shane@time-travellers.org>) id 1bUwBU-0002su-9Z; Wed, 03 Aug 2016 13:26:08 +0000
Date: Wed, 03 Aug 2016 15:26:08 +0200
From: Shane Kerr <shane@time-travellers.org>
To: Bob Harold <rharolde@umich.edu>
Message-ID: <20160803152608.282d965d@pallas.home.time-travellers.org>
In-Reply-To: <CA+nkc8CTpZumXUdbK=dEjDfsg87g2p-DSj9HUmC2T1XQx8p=8w@mail.gmail.com>
References: <20160718202546.GA6329@sources.org> <CA+nkc8DsBDxw--mL-PqOXeQ0rS2ui5wOdJ6fqwFSm3OsnrQkkw@mail.gmail.com> <20160719151803.GA21941@nic.fr> <CA+nkc8CTpZumXUdbK=dEjDfsg87g2p-DSj9HUmC2T1XQx8p=8w@mail.gmail.com>
X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.30; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha1"; boundary="Sig_/S_G9ZGAZsp1PWu.LTMvJR5k"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/5eQE-ZMV2l14Ad4CrXjTpWLGG_4>
Cc: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Subject: Re: [dns-privacy] [internet-drafts@ietf.org: I-D Action: draft-bortzmeyer-dprive-step-2-00.txt]
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2016 13:28:20 -0000

Bob,

At 2016-07-19 11:28:12 -0400
Bob Harold <rharolde@umich.edu> wrote:

> On Tue, Jul 19, 2016 at 11:18 AM, Stephane Bortzmeyer <bortzmeyer@nic.fr>
> wrote:
> 
> > On Tue, Jul 19, 2016 at 11:11:18AM -0400,
> >  Bob Harold <rharolde@umich.edu> wrote
> >  a message of 130 lines which said:
> >  
> > > I would think that "Key in DNS, authenticated by DNSSEC" would be
> > > the obvious choice.  
> >
> > It is mentioned, section 2.2.
> >
> > For the -00 version, I did not try to order ("obvious" or "best") the
> > choices. Feedback welcomed.
> >  
> 
> I was confused by the "bootstrap" issue, or why talk to port 953.  I was
> assuming normal unencrypted DNSSEC to get the key, and then encrypt the
> query that I wanted to protect.  I can see why some would want to try to
> make private getting the key, if possible, but it really complicates
> things, so I am not sure it is worth it.  (Just my opinion, of course.)

As Stephane says this is better than nothing, but it would be nice to
design a protocol that doesn't leak any information. Unfortunately the
bootstrapping issue is a tricky one.

A few other random thoughts...

While the draft mentions that resolvers are configured by IP address
and authoritative servers by name, actually when a resolver is talking
to an authoritative server it is actually using an IP address.

That implies a couple of possible solutions:

1. Using reverse DNS to get a key for the server.

There may be a slight boostrapping problem here too, but since there
are only 5 RIR that manage the reverse DNS some sort of hard-coded or
semi-hard-coded setup might be possible.

Unfortunately the operators for the space are often different from the
operators of the DNS, so this is often not a reasonable solution
administratively.

2. CGA-style keys.

In CGA, the IPv6 address encodes the public key in the lower 64-bits of
the address. So we can use the IPv6 address as the public key of the
servers.

This only works for IPv6, doesn't have (much) cryptographic agility,
and totally ignores any layering so much that it is a stretch to even
call it a layering violation. :)

----

Another way to resolve the bootstrapping problem may be to create a
record which lives in the parent, like a DS record. It could be
considered as a crytographic-glue.

Like an A or AAAA record, it would only be necessary for in-bailiwick
lookups.

Like a DS record, there are potential coordination issues between
parent and child. Also like DS, presumably it could be signed by the
parent and treated like a normal (non-delegation) record.

Also like the DS record, we use the pre-existing trusted channel
between the child and parent to get cryptographic information from the
child to the parent for use by resolvers.

Cheers,

--
Shane

v2.23.0 | Report a Bug | By Email