[dns-privacy] Direction of draft-mayrhofer-edns0-padding

Alexander Mayrhofer <alexander.mayrhofer@nic.at> Wed, 29 July 2015 12:28 UTC

From: Alexander Mayrhofer <alexander.mayrhofer@nic.at>
To: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Date: Wed, 29 Jul 2015 12:28:41 +0000
Message-ID: <19F54F2956911544A32543B8A9BDE075468A9354@NICS-EXCH2.sbg.nic.at>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/6Tj0T3Q6co4GTyjDbhTNnuixTCY>

Hi,

I'm working through my notes from the DPRIVE session regarding the EDNS0 Padding option. My takeaway was as follows:

- Generally, this seems to be a reasonable idea
- Besides the use to evade size-based message correlation, this could also be useful in other cases, e.g. "proof of work" for clients when requesting larger packets (Peter K.)
- However, the draft should only specify the option itself, and not indulge into the various usage scenarios
- The EDNS0 assignment policy is Specification Required / Expert Review, hence does not necessarily require an RFC
- The preferred way forward is individual draft, AD-sponsored.
- Discussion can continue on the DPRIVE list

Regarding the actual contents of the draft, my takeaway was:

- Is "1" the right minimum length for the option? Why not "0"?
- Padding must obviously not exceed the announced EDNS0 packet size - some words about that
- No consideration is required whether or not a server may pad, because clients are required to ignore unknown options anyway.
- The Security considerations section needs more work.

Is that in line with the perception of the WG members? Anything I forgot to mention / consider?

Thanks,
Alex
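An added illustration (not code from the draft or from this thread) of the two content points raised above: a zero-length Padding option is a legitimate case, and the padding must be clipped so the message never exceeds the announced EDNS0 payload size. The option code 12 is the value IANA later assigned to Padding in RFC 7830, and the 128-byte block size and 4096-byte announced size are assumed local policy values; the sample query is constructed.

```python
import struct

# Option code IANA later assigned to EDNS(0) Padding (RFC 7830). The draft under
# discussion had no code yet, so this is an assumption about the final spec.
OPT_PADDING = 12
OPT_RR_FIXED = 11     # OPT RR: NAME(1) TYPE(2) CLASS(2) TTL(4) RDLEN(2)
OPTION_FIXED = 4      # each EDNS0 option: CODE(2) LENGTH(2)


def padding_len(msg_len, block, announced_size):
    """Padding bytes so that msg + OPT RR + Padding option is a multiple of
    `block`, clipped so the result never exceeds `announced_size`.
    A result of 0 is legitimate (the "why not a minimum of 0?" case)."""
    base = msg_len + OPT_RR_FIXED + OPTION_FIXED    # length with an empty Padding option
    if base > announced_size:
        raise ValueError("OPT RR with Padding option does not fit in announced EDNS0 size")
    pad = (-base) % block                           # 0 when already block-aligned
    return min(pad, announced_size - base)          # never exceed the announced size


def build_opt_rr(udp_payload_size, pad):
    """Serialize an OPT pseudo-RR carrying one Padding option of `pad` zero bytes."""
    rdata = struct.pack("!HH", OPT_PADDING, pad) + b"\x00" * pad
    # NAME = root, TYPE = 41 (OPT), CLASS = UDP payload size, TTL = 0 (ext RCODE/version/flags)
    return b"\x00" + struct.pack("!HHIH", 41, udp_payload_size, 0, len(rdata)) + rdata


def pad_message(msg, block=128, announced_size=4096):
    """Append an OPT RR with a Padding option to a message that has no OPT RR
    yet, and increment ARCOUNT in the header accordingly."""
    pad = padding_len(len(msg), block, announced_size)
    arcount = struct.unpack("!H", msg[10:12])[0] + 1
    header = msg[:10] + struct.pack("!H", arcount)
    return header + msg[12:] + build_opt_rr(announced_size, pad)


def example_query():
    """Constructed sample: ID 0x1234, RD set, one question for example.com/IN/A."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    qname = b"\x07example\x03com\x00"
    return header + qname + struct.pack("!HH", 1, 1)


if __name__ == "__main__":
    q = example_query()
    print(len(q), len(pad_message(q)), len(pad_message(q, announced_size=100)))
```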