[dns-privacy] Benoit Claise's No Objection on draft-ietf-dprive-edns0-padding-02: (with COMMENT)
"Benoit Claise" <bclaise@cisco.com> Tue, 01 March 2016 09:04 UTC
From: Benoit Claise <bclaise@cisco.com>
To: The IESG <iesg@ietf.org>
Date: Tue, 01 Mar 2016 01:04:57 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/7SYXcs8r9UnF6anMJ3p0Vwj7oEY>
Cc: tjw.ietf@gmail.com, draft-ietf-dprive-edns0-padding@ietf.org, dns-privacy@ietf.org, dprive-chairs@ietf.org

Benoit Claise has entered the following ballot position for
draft-ietf-dprive-edns0-padding-02: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dprive-edns0-padding/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Looking at this logic ...

   Responders MUST pad DNS responses when the respective DNS query
   included the 'Padding' option, unless doing so would violate the
   maximum UDP payload size.

   Responders MAY pad DNS responses when the respective DNS query
   indicated EDNS(0) support of the Requestor.

   Responders MUST NOT pad DNS responses when the respective DNS query
   did not indicate EDNS(0).

... I believe we need to improve the second paragraph. Taken out of
context of the first paragraph, it might be misleading.

   Responders MAY pad DNS responses when the respective DNS query
   indicated EDNS(0) support of the Requestor and the 'Padding' option
   is not included.

Editorial:

   However, even if both DNS query and response messages were
   encrypted, meta data of could still be used to correlate such
   messages with well known unencrypted messages, hence jeopardizing
   some of the confidentiality gained by encryption. One such property
   is the message size.

meta data of?
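
The three responder rules quoted in the comment, read with the rewording it proposes for the MAY case, as an added example that is not part of this message or of the draft. The function names and the sample query are constructed for illustration; OPT type 41 (RFC 6891) and Padding option code 12 (RFC 7830) are the assigned values, and the room calculation assumes a UDP response that already carries its OPT RR.

```python
import struct

OPT_TYPE = 41       # EDNS(0) OPT pseudo-RR type (RFC 6891)
PADDING_CODE = 12   # EDNS(0) 'Padding' option code (RFC 7830)

def skip_name(msg, off):
    """Return the offset just past a domain name (labels or compression pointer)."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)   # pointer is 2 bytes, root label is 1

def edns_info(query):
    """Return (has_edns, has_padding, udp_payload_size) for a wire-format query."""
    qd, an, ns, ar = struct.unpack_from("!4H", query, 4)
    off = 12
    for _ in range(qd):
        off = skip_name(query, off) + 4   # skip QTYPE and QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(query, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", query, off)
        off += 10
        if rtype == OPT_TYPE:
            codes, pos, end = set(), off, off + rdlen
            while pos + 4 <= end:         # walk the option TLVs in the OPT RDATA
                code, olen = struct.unpack_from("!HH", query, pos)
                codes.add(code)
                pos += 4 + olen
            return True, PADDING_CODE in codes, rclass   # OPT CLASS = UDP payload size
        off += rdlen
    return False, False, 512   # no OPT RR: classic 512-byte UDP limit

def padding_decision(query, response_len):
    """Return (requirement level, padding bytes that still fit over UDP)."""
    has_edns, has_padding, size = edns_info(query)
    if not has_edns:
        return "MUST NOT", 0
    room = max(0, size - response_len - 4)   # 4 = option code + option length fields
    return ("MUST" if has_padding else "MAY"), room

def sample_query(edns, padding):
    """Constructed query for example.com A, optionally with OPT RR and Padding."""
    q = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, int(edns))
    q += b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    opts = struct.pack("!HH", PADDING_CODE, 4) + bytes(4) if padding else b""
    if edns:
        q += b"\x00" + struct.pack("!HHIH", OPT_TYPE, 1232, 0, len(opts)) + opts
    return q
```

A result of `("MUST", 0)` is the "unless doing so would violate the maximum UDP payload size" exception: the query asked for padding, but no padding option fits in the advertised payload size.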