IETF Logo Mail Archive

Re: [dns-privacy] [SPAM] Re: New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt

Carsten Strotmann <carsten@strotmann.de> Wed, 20 August 2014 05:29 UTC

Return-Path: <cas@strotmann.de>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA3D21A8779 for <dns-privacy@ietfa.amsl.com>; Tue, 19 Aug 2014 22:29:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.809
X-Spam-Level:
X-Spam-Status: No, score=0.809 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, HOST_MISMATCH_NET=0.311, J_CHICKENPOX_21=0.6] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fw8Dnk783J71 for <dns-privacy@ietfa.amsl.com>; Tue, 19 Aug 2014 22:29:15 -0700 (PDT)
Received: from csgate3.strotmann.de (cstrotm-1-pt.tunnel.tserv5.lon1.ipv6.he.net [IPv6:2001:470:1f08:f1d::2]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB5AB1A8774 for <dns-privacy@ietf.org>; Tue, 19 Aug 2014 22:29:13 -0700 (PDT)
Received: from Carstens-MacBook-Pro.local (b9168e27.cgn.dg-w.de [185.22.142.39]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by csgate3.strotmann.de (Postfix) with ESMTPSA id DFFFA50ED; Wed, 20 Aug 2014 07:29:04 +0200 (CEST)
Received: by Carstens-MacBook-Pro.local (Postfix, from userid 501) id 1996C2533F55; Wed, 20 Aug 2014 07:29:08 +0200 (CEST)
References: <00ba01cfbbf9$d561f010$8025d030$@rozanak.com>
From: Carsten Strotmann <carsten@strotmann.de>
To: Hosnieh Rafiee <ietf@rozanak.com>
Date: Wed, 20 Aug 2014 07:20:08 +0200
In-reply-to: <00ba01cfbbf9$d561f010$8025d030$@rozanak.com>
Message-ID: <m2ppfv6863.fsf@strotmann.de>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: http://mailarchive.ietf.org/arch/msg/dns-privacy/At_hnyVcv7LzZyJ61u7aibNZ6b4
Cc: dns-privacy@ietf.org, 'Paul Wouters' <paul@nohats.ca>
Subject: Re: [dns-privacy] [SPAM] Re: New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Aug 2014 05:29:16 -0000

Hello Hosnieh,

Hosnieh Rafiee writes:

> I change my story a bit based on some offlist discussions ...
>
> So the point 1 from summary email changes like this
> 1-  Opportunistic encryption is not appropriate for the privacy of stub
> resolver to recursive resolver scenario unless the node has a possibility to
> authenticate this resolver.
> If you think when your domain is signed by DNSSEC, a fake resolver cannot
> cause any problem for you, I gives you an example. You can argue with your
> own example.
>
> This is the scenario where there is no authentication but a  record is
> supposed to signed by a DNSSEC server. 
> A domain called www.example.com signed by DNSSEC A.  
> Client B wants to browse "www.example.com". 
> It asks the IP address of this from resolver C. Attacker D spoof the IP
> address of resolver C and response to this query with the IP address of his
> own server F. The client cannot verify this attacker in any case since it is
> only a stub resolver and dependent to a recursive resolver for query
> different authoritative DNS server in order to verify this DNSSEC server.
> This is why the stub resolver accepts whatever receives from this fake
> DNSSEC server. 
>
> So, either client B encrypt the queries send back and forth to the resolver,
> it ends to the case where the unwanted person can still eavesdrop this
> communication by directly answer to the node in place of resolver.
>
> In my opinion it does not matter whether this record is signed or encrypted,
> the stub resolver has no possibility to verify that record. So, an attacker
> can directly be in the middle of the communication and forward all the
> packets to his desire place. So DNSSEC in this stage or last mile does not
> help. 
>
>
>> > How can you sign DNSSEC data without being in the posession of the
>> > private signing key(s) all the way to the root?
>
> So based on the revision in item 1. I can also revise my answer here.
>
> I don't need to sign the DNSSEC data since the stub resolver is dependent to
> me (or a DNSSEC recursive resolver) to verify any other DNSSEC server. 
>

As the draft mentioned the stub-resolver cannot rely on the DNSSEC
validation of an un-authenticated, unknown DNS resolver. 

Either the stub-resolver, or the application, needs to do the DNSSEC
validation. While not widely deployed, this is possible today. 

For this local validation, the stub-resolver or the application has one
or more DNSSEC "well-known" trust-anchors (like the DNS root zone trust
anchor, or the ".de" zone trust anchor) pre-configured. The validation
does not rely on the any data received via the unautenticated DNS
resolver. The integrety of DNSSEC signed DNS zone data can always be
checked.

A malicious unauthenticated and unknown DNS resolver can stop all
communication by providing false DNS data, but the false data is always
detected.

DNSSEC validation does not rely on the the data received through the DNS
resolver, which might be malicious. The trust anchor is configured
before this communication, out-of-band, coming with the software or
manually configured.

-- Carsten
-- 
Sent with my mu4e

v2.23.0 | Report a Bug | By Email