[dns-privacy] Presenting draft-dkgjsal-dprive-unilateral-probing

Joey Salazar <joeygsal@gmail.com> Fri, 05 November 2021 15:52 UTC

From: Joey Salazar <joeygsal@gmail.com>
Date: Fri, 05 Nov 2021 16:54:30 +0100
To: dns-privacy@ietf.org
Cc: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/6d8aSQoUeP-uzQ_n8RqDGYFu_zc>

Hi dprive,

dkg and I have been working on a draft [1] on unilateral, opportunistic DNS
probing for encrypted connections between recursive resolvers and
authoritative servers. We welcome the group's feedback on the early work we
have so far.

[1] https://dkg.gitlab.io/dprive-unilateral-probing/

The draft's main difference from draft-ietf-dprive-unauth-to-authoritative
is that we currently focus on probing instead of signaling; we're trying to
define *how* to probe for encrypted transports in a way that is the most
efficient (that is, that introduces the smallest costs to the participants
in the ecosystem), without introducing any new protocol elements.

From drafting this proposal, we believe that signaling seems necessary for
strong (authenticated) encryption, but we don't think that there is any
reason to delay deployment of protection against passive observers while
the WG hashes out the details of the signal. We also think this proposal
highlights some of the most relevant factors potentially needed in the
signal.

We will present the work at the upcoming DPRIVE meeting at IETF 112
(Thursday Session I, 12:00-14:00 UTC).

All your comments, critiques, and suggestions are very much welcome,
--
dkg and Joey