Re: [dns-privacy] Datatracker State Update Notice: <draft-ietf-dprive-rfc7626-bis-04.txt>
Stephane Bortzmeyer <bortzmeyer@nic.fr> Tue, 12 May 2020 15:38 UTC
Return-Path: <stephane@sources.org>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8EB3A3A0B3F; Tue, 12 May 2020 08:38:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.649
X-Spam-Level:
X-Spam-Status: No, score=-1.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id epUaDK7IfwMD; Tue, 12 May 2020 08:38:09 -0700 (PDT)
Received: from ayla.bortzmeyer.org (ayla.bortzmeyer.org [IPv6:2001:4b98:dc0:41:216:3eff:fe27:3d3f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 557C83A0B38; Tue, 12 May 2020 08:38:09 -0700 (PDT)
Received: by ayla.bortzmeyer.org (Postfix, from userid 10) id 5B70DA027B; Tue, 12 May 2020 17:38:07 +0200 (CEST)
Received: by mail.sources.org (Postfix, from userid 1000) id 590C5CB75F; Tue, 12 May 2020 17:33:45 +0200 (CEST)
Date: Tue, 12 May 2020 17:33:45 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: Christian Huitema <huitema@huitema.net>
Cc: Sara Dickinson <sara@sinodun.com>, Eric Rescorla <ekr@rtfm.com>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, "Eric Vyncke (evyncke)" <evyncke@cisco.com>, "draft-ietf-dprive-rfc7626-bis@ietf.org" <draft-ietf-dprive-rfc7626-bis@ietf.org>, "dprive-chairs@ietf.org" <dprive-chairs@ietf.org>
Message-ID: <20200512153345.GB13200@sources.org>
References: <3345FB83-A19A-4542-8A8E-C535884B157F@sinodun.com> <CABcZeBPP6J=a=hW6BLcMnKawupa3RjjpYAzgZ317=ryLy39n+A@mail.gmail.com> <8CEFE3CB-A88C-4BBC-95B8-9850142DB5EE@sinodun.com> <CABcZeBPF41eq-HYXdYScx7bqYyUO7-oH6zWKqj7Ka23u8x_E4A@mail.gmail.com> <ACA9854E-00B7-4776-A850-E5069C672121@cisco.com> <CABcZeBOxN7iNTLFUw7JDc4ZGH_u4awys3g52de29CuOyQv2JUQ@mail.gmail.com> <C8B168D0-F719-405F-892F-14573A7C568D@sinodun.com> <CABcZeBPGAgqSPKWXKaL6kK5CYzgK+RmwFrMwhc6ED7aGnV_ayA@mail.gmail.com> <8AB227E2-F968-47C4-9EB6-40A988263892@sinodun.com> <4fc44293-cdd9-24b7-cf26-1451a3652f73@huitema.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <4fc44293-cdd9-24b7-cf26-1451a3652f73@huitema.net>
X-Transport: UUCP rules
X-Operating-System: Debian GNU/Linux 10.3
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/8TWlayR7vjucNOz-AR9oBJaWSnM>
Subject: Re: [dns-privacy] Datatracker State Update Notice: <draft-ietf-dprive-rfc7626-bis-04.txt>
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 May 2020 15:38:12 -0000
On Mon, May 11, 2020 at 12:35:11PM -0700, Christian Huitema <huitema@huitema.net> wrote a message of 294 lines which said: > The paragraph in section 5.1 seems to imply that embedding a > recursive resolver in the end point or close to reduces the privacy > attack surface: Note that it was already in RFC 7626 (which does not mean it was right). I agree with you that there is a weakness in the reasoning (a sniffer located between such a resolver and the rest of the Internet would see a lot since a one-user resolver may have little caching). I think the problem is that the RFC (in 7626-ter?) should better separate upstream surveillance (before the resolver), downstream surveillance (after the resolver) and internal surveillance (inside the resolver). Using a in-host resolver decreases upstream surveillance and suppresses internal surveillance, but does little for downstream surveillance (because of limited caching). Using a remote resolver with DoT or DoH to reach it may expose to internal surveillance (if the trust in this resolver is misplaced) but decreases upstream and downstream (because of caching) surveillance. > At a minimum, I would like to see a forward pointer to section 6.2 > in the recursive resolver on device paragraph. A general warning > that this is a trade-off would be nice too. I agree and I suggest "As it is often the case with privacy, there is a trade-off here. A local (to the user's machine or LAN) resolver reduces the risk that the resolver's administrator read the user's DNS traffic, but it does not protect a lot against later sniffing, done at the place where the resolver talks with authoritative name servers." > I found the discussion of application embedded resolvers bizarre. See <https://mailarchive.ietf.org/arch/msg/dns-privacy/ZATyqXQ6ccNHTqsMpbq__3a72WM> I know think that it is indeed on the wrong track. > In a modern environment, the concept of host is very fuzzy. We get all > kinds of special devices. We also get containers or virtual machines > running inside hosts. A browser is in practice such a container. I agree that OSvsApplication it should not be in this draft. > As for section 6.1.1.2, I would scratch most of it, I completely agree.
- [dns-privacy] Datatracker State Update Notice: <d… IETF Secretariat
- Re: [dns-privacy] Datatracker State Update Notice… Eric Vyncke (evyncke)
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Stephen Farrell
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Jim Reid
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Tony Finch
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Eric Orth
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Orth
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] [EXT] Re: Datatracker State Upd… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Vyncke (evyncke)
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Christian Huitema
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Stephane Bortzmeyer
- Re: [dns-privacy] Datatracker State Update Notice… Stephane Bortzmeyer
- Re: [dns-privacy] Datatracker State Update Notice… Ben Schwartz
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… S Moonesamy
- Re: [dns-privacy] Datatracker State Update Notice… Andrew Campling
- Re: [dns-privacy] Datatracker State Update Notice… Andrew Campling
- Re: [dns-privacy] Datatracker State Update Notice… Christian Huitema
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Rob Sayre