Re: [dns-privacy] [Ext] Threat Model
Eric Rescorla <ekr@rtfm.com> Sun, 03 November 2019 02:02 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B4098120077 for <dns-privacy@ietfa.amsl.com>; Sat, 2 Nov 2019 19:02:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yv3CmeEMgvTA for <dns-privacy@ietfa.amsl.com>; Sat, 2 Nov 2019 19:02:01 -0700 (PDT)
Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E74BB120013 for <dns-privacy@ietf.org>; Sat, 2 Nov 2019 19:02:00 -0700 (PDT)
Received: by mail-lj1-x234.google.com with SMTP id m9so13910673ljh.8 for <dns-privacy@ietf.org>; Sat, 02 Nov 2019 19:02:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=HGE5iz+hyNA3rBaw5qPl9DMl6ZMZ3KjjjddJfGlgN2g=; b=oRkQpVsNotfhB0QmKTbYUf4J9X2WBsOwtM4NR82XLLTxMNgaDngkSh4ye5Ar1glcvL DOtYrApD5DbhYxxuGJ+ViMJuWzdGZGNpAO+//mnR4ilvxhJhS+gF+xEnv1pbWv5cXnq8 o3igyVdmOR7+3Oa3/XYtBoZ/YuhT59ry0q3YzjXiCRgrwvZ3e6T689XOZViEjiQ6I9xi p3XPpAVrqZnUCSMw1FO5H5roMZ1FeA2dz2uRQ9OYd1I7Y4vvGdkjYrmww0LyH7hV5QtA aLWNIB+0x+gGlAMgc9tXY0zXVv4DEsbP5HPaxsbbVgYypwdwJNzq75pHj1SHAI/LIQLf gKyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=HGE5iz+hyNA3rBaw5qPl9DMl6ZMZ3KjjjddJfGlgN2g=; b=TdLUWMGSmaDE5doNAWp66xW3+rvBVUyaCDWnCuPhTI2Jx3RARMTRzMOqMEmyzCoVg8 f+r3mv2fZ0IoBars7DLL9S+mJU/xHUr5dbJgLCyT8lpMxhsrkBMx2SS+Q+1tpIhtJ6E4 2wX29TQt5Pth+sGlrf8gGp5YLqhjM7Vytf2okeJBmR4tQm+GxXX4H6zVH03L3ADeGpao ++Y4vWtqcN8RypLK/7MJFa7LZFLzcCfVJ/Cin7vCmo/o7h1eQUtM+2NF3jglPJrnnueq PqJgxHz28qK27vHd9tf6AdPfrhW4UrEBmTvbjYsgcAjZY/ZrNL52rD9h6dm32RRDu9qJ 93dg==
X-Gm-Message-State: APjAAAUqT8x3jnz3lx5Y4dEoGWk/gC7BX/aJccypAdXNrz7xaguGGc+i Kdhj9NRVYlOmBdPd/t3VlrRwcDHni/Axfwaiu/6q0w==
X-Google-Smtp-Source: APXvYqzwK2DPSgStjQyHOAo6fJtivAop86enxsageea2WXYlOvB7rc7YBJkCOfOPbnaUcoY1dpNJiYrBP9OgpjwMqNA=
X-Received: by 2002:a2e:a303:: with SMTP id l3mr13676688lje.38.1572746519135; Sat, 02 Nov 2019 19:01:59 -0700 (PDT)
MIME-Version: 1.0
References: <CABcZeBMQEJ=LE8ATQYnJj59srsK47hf4HT3BMMg3X2crVfSUXQ@mail.gmail.com> <1a70035e-edef-a3f4-ea91-52409ba37828@icann.org> <CABcZeBPAtvf3RU2gKWzyTaNwd6NBGsBuxq+n6r0W6-2RCnivSA@mail.gmail.com> <17189d1a-7689-f68d-6fe3-8d704af614a3@icann.org> <CABcZeBOhSYvqPyDcm9zbMYRc03DmPcCKYTYE-uC54=Mm9HMcnQ@mail.gmail.com> <99ee8cd4-9418-2d64-57fd-487b4f2c3a1a@cs.tcd.ie> <CABcZeBOBFFi=dA_XEzhkYvRU6kzvND5CMQcMoyriYusDH0RbKQ@mail.gmail.com> <CAHw9_iLz5No-SKa74To03ida3DHfeKY58CrJFJpLph8FsvzNQQ@mail.gmail.com>
In-Reply-To: <CAHw9_iLz5No-SKa74To03ida3DHfeKY58CrJFJpLph8FsvzNQQ@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Sat, 02 Nov 2019 19:01:22 -0700
Message-ID: <CABcZeBMFDbATVRvJvvs5b4giQ=0B82i76ahv-ffDgWJOzqZccw@mail.gmail.com>
To: Warren Kumari <warren@kumari.net>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Paul Hoffman <paul.hoffman@icann.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000985d35059667957a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/C3FDj3Vvi8mtL5xGc2uD1SJ7tos>
Subject: Re: [dns-privacy] [Ext] Threat Model
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 03 Nov 2019 02:02:04 -0000
On Sat, Nov 2, 2019 at 6:02 PM Warren Kumari <warren@kumari.net> wrote: > On Sat, Nov 2, 2019 at 3:59 PM Eric Rescorla <ekr@rtfm.com> wrote: > > > > > > > > On Sat, Nov 2, 2019 at 11:52 AM Stephen Farrell < > stephen.farrell@cs.tcd.ie> wrote: > >> > >> > >> Hiya, > >> > >> On 02/11/2019 18:33, Eric Rescorla wrote: > >> > On Sat, Nov 2, 2019 at 7:03 AM Paul Hoffman <paul.hoffman@icann.org> > wrote: > >> > > >> >> On 11/2/19 9:58 AM, Eric Rescorla wrote: > >> >>> Generally, I would expect that a solution which addressed the active > >> >> threat model would also address the passive one. > >> >> > >> >> Of course, but there are many threat models that have different > solutions. > >> >> The passive threat models might be addressable more quickly than the > active > >> >> threat model. > >> >> > >> > > >> > Yes, that's why I asked the question of whether we are trying to > solve the > >> > active attacker case. > >> > >> Tackling passive and active attacks are not mutually > >> exclusive goals. > > > > > > Nor did I say they were. > > > > > >> > >> Experience from SMTP/TLS (as I interpret it anyway) > >> was that defence against active attacks only really > >> became tractable a few years after mitigations against > >> passive attacks had been deployed and clearly hadn't > >> broken anything. Note that that transition did not require any changes > >> to SMTP/TLS, though it may have needed > >> the mail equivalent of HSTS and reporting to have been > >> defined (it's hard to tell what really motivated folks > >> to try mitigate active attacks for sure). > >> > >> Whether or not adot is sufficiently similar is (for me) > >> an unknown at this point but I'd hope we don't rule that > >> out. > > > > > > I think the primary difference between this case and the TLS case, > > where, as I note below, defense against active attacks was required from > > the beginning, is the question of whether or not the reference that > > the initiator has tells it that it supposed to expect security. In the > case > > of TLS you have that with the different URI scheme (https) but in > > the case of email you do not. > > > > Conversely, what made opportunistic style approaches viable for > > SMTP was that there was an existing protocol handshake that > > could be conveniently adopted to have upward negotiation (STARTTLS). > > This was more of a pain with HTTP, though RFC 2817 does in fact > > specify something. > > > > In this case, I think the relevant question is whether there is some > > viable mechanism (by which I mean one that people might actually > > use) by which recursive resolvers would, in talking to an authoritative > > resolver, detect that that resolver supported secure transport and > > upgrade. If there is, then it's potentially possible to have some kind > > of opportunistic approach. And conversely, whether it's viable > > to have the records that point you to the next authoritative convey > > that you should expect security.. If there is, then it's potentially > > possible/better to have a non-opportunistic approach > > I've suggested a number of times, but haven't actually written up, > that you could encode this in the nameserver name - this is somewhat > similar to the dnscrypt idea... > > E.g - no DoX expected: > $ dig ns example.com > ;; ANSWER SECTION: > example.com. 42923 IN NS b.iana-servers.net. > example.com. 42923 IN NS a.iana-servers.net. > > Recursive resolvers should expect DoT: > $ dig ns example.com > ;; ANSWER SECTION: > example.com. 42923 IN NS b-dot.iana-servers.net. > example.com. 42923 IN NS a-dot.iana-servers.net. > > > Yes, I'll be the first to admit that it is hacky, and not it's not > completely foolproof, but it requires an attacker to do more than just > block port 853 to force a downgrade, and also means that resolvers > don't have to probe 853, wait for a timeout and then try 53 > instead.... > Can you expand on this? Is the convention that if I see x-dot.example.com, then I should expect DoT? -Ekr > W > > > > > > > > >> > >> ISTM that requiring day-1 defence against active attacks was to an > >> extent responsible for the lack of deployment > >> of IPsec and DNSSEC, > > > > > > I don't understand what DNSSEC would do if not defend against active > > attack. > > > > > >> so I hope we keep an eye on that > >> ball too. > > > > > > OTOH, TLS had day one defense against active attacks. > > > > -Ekr > > > > _______________________________________________ > > dns-privacy mailing list > > dns-privacy@ietf.org > > https://www.ietf.org/mailman/listinfo/dns-privacy > > > > -- > I don't think the execution is relevant when it was obviously a bad > idea in the first place. > This is like putting rabid weasels in your pants, and later expressing > regret at having chosen those particular rabid weasels and that pair > of pants. > ---maf >
- [dns-privacy] Threat Model Eric Rescorla
- Re: [dns-privacy] Threat Model Christian Huitema
- Re: [dns-privacy] Threat Model Brian Dickson
- Re: [dns-privacy] Threat Model Ted Hardie
- Re: [dns-privacy] Threat Model Brian Dickson
- Re: [dns-privacy] [Ext] Threat Model Paul Hoffman
- Re: [dns-privacy] [Ext] Threat Model Eric Rescorla
- Re: [dns-privacy] [Ext] Threat Model Paul Hoffman
- Re: [dns-privacy] [Ext] Threat Model Eric Rescorla
- Re: [dns-privacy] [Ext] Threat Model Stephen Farrell
- Re: [dns-privacy] [Ext] Threat Model Eric Rescorla
- Re: [dns-privacy] what's good enough, or Threat M… John Levine
- Re: [dns-privacy] what's good enough, or Threat M… Eric Rescorla
- Re: [dns-privacy] [Ext] Threat Model Warren Kumari
- Re: [dns-privacy] [Ext] Threat Model Eric Rescorla
- Re: [dns-privacy] what's good enough, or Threat M… John R Levine
- Re: [dns-privacy] [Ext] Threat Model Warren Kumari
- Re: [dns-privacy] [Ext] Threat Model David Conrad
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Stephen Farrell
- Re: [dns-privacy] Threat Model Livingood, Jason
- Re: [dns-privacy] [Ext] Threat Model Tony Finch
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Brian Dickson
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Eric Rescorla
- Re: [dns-privacy] [Ext] Threat Model Brian Dickson
- Re: [dns-privacy] [Ext] Threat Model John Levine
- Re: [dns-privacy] [Ext] Threat Model John Levine
- Re: [dns-privacy] [Ext] Threat Model Tony Finch
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Warren Kumari
- Re: [dns-privacy] [Ext] Threat Model Warren Kumari
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Warren Kumari
- Re: [dns-privacy] [Ext] Threat Model Brian Dickson
- Re: [dns-privacy] [Ext] Threat Model Dan Wing
- Re: [dns-privacy] [Ext] Threat Model Mark Andrews
- Re: [dns-privacy] [Ext] Threat Model Ralf Weber
- Re: [dns-privacy] [Ext] Threat Model Hugo Connery
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Stephen Farrell
- Re: [dns-privacy] [Ext] Threat Model Paul Hoffman
- Re: [dns-privacy] [Ext] Threat Model Brian Dickson
- Re: [dns-privacy] [Ext] Threat Model Ted Hardie
- Re: [dns-privacy] [Ext] Threat Model Brian Dickson
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Bob Harold
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Stephen Farrell
- Re: [dns-privacy] [Ext] Threat Model Brian Dickson
- Re: [dns-privacy] [Ext] Threat Model Paul Ebersman
- Re: [dns-privacy] [Ext] Threat Model Paul Wouters
- Re: [dns-privacy] [Ext] Threat Model Bob Harold
- Re: [dns-privacy] [Ext] Threat Model sthaug