Re: [dns-privacy] what's good enough, or Threat Model
"John Levine" <johnl@taugh.com> Sat, 02 November 2019 23:47 UTC
Date: Sat, 02 Nov 2019 19:47:08 -0400
Message-Id: <20191102234708.647F6E473E5@ary.local>
From: John Levine <johnl@taugh.com>
To: dns-privacy@ietf.org
Cc: ekr@rtfm.com
In-Reply-To: <CABcZeBOBFFi=dA_XEzhkYvRU6kzvND5CMQcMoyriYusDH0RbKQ@mail.gmail.com>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/HxIecFOKND4Ii5DZbcIqmcREfB4>
In article <CABcZeBOBFFi=dA_XEzhkYvRU6kzvND5CMQcMoyriYusDH0RbKQ@mail.gmail.com> you write:
>Conversely, what made opportunistic style approaches viable for
>SMTP was that there was an existing protocol handshake that
>could be conveniently adopted to have upward negotiation (STARTTLS).
...
>In this case, I think the relevant question is whether there is some
>viable mechanism (by which I mean one that people might actually
>use) by which recursive resolvers would, in talking to an authoritative
>resolver, detect that that resolver supported secure transport and
>upgrade.

It's easy enough to imagine an EDNS option that asks whether a server
supports ADoT, that the client can use as a signal to try again on port
853.  This is roughly the same amount of traffic as using STARTTLS in
SMTP, but I have no idea whether the DNS crowd would think it's OK, or
too horribly slow, or we're not interested because you can fake it out
and force downgrades.  (SMTP also has that last problem, of course, at
least until MTA-STS and/or signed TLSA.)

R's,
John

PS: there's always dnscurve
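The following is an added worked example, not part of John's message and not code from any DNS implementation. It models the "EDNS option as an ADoT upgrade signal" idea he sketches and the downgrade problem he names: a recursive resolver sends a Do53 query carrying an EDNS0 option, an authoritative server that speaks ADoT echoes the option back, the resolver retries on port 853 if it sees the echo, and an on-path attacker who simply strips the option from the reply keeps the resolver on port 53. The option code 65001 is an assumption taken from the Local/Experimental range of RFC 6891; it is not a registered option. The wire format is plain RFC 1035 / RFC 6891 and nothing is sent on the network; the messages are built and rewritten in memory.

```python
"""Toy model of an EDNS-signalled ADoT upgrade and of its downgrade weakness.

Added example; assumes a hypothetical option code (65001, RFC 6891
Local/Experimental range).  No network I/O: queries, replies and the
attacker's rewrite are all built in memory.
"""
import struct

ADOT_SIGNAL_OPTION = 65001  # ASSUMPTION: hypothetical, unregistered option code
PORT_DO53 = 53
PORT_DOT = 853
OPT_TYPE = 41


def encode_name(name: str) -> bytes:
    """Encode a dotted name as DNS labels terminated by the root label."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"


def skip_name(msg: bytes, off: int) -> int:
    """Return the offset just past the name at `off` (handles compression pointers)."""
    while True:
        ln = msg[off]
        if ln == 0:
            return off + 1
        if ln & 0xC0 == 0xC0:  # 2-byte compression pointer ends the name
            return off + 2
        off += 1 + ln


def make_opt(options: dict) -> bytes:
    """Build an OPT RR (root name, type 41, UDP size 1232) carrying `options`."""
    rdata = b"".join(struct.pack(">HH", code, len(v)) + v for code, v in options.items())
    return b"\x00" + struct.pack(">HHIH", OPT_TYPE, 1232, 0, len(rdata)) + rdata


def parse_options(rdata: bytes) -> dict:
    """Parse OPT RDATA into {option_code: option_data}."""
    opts, p = {}, 0
    while p + 4 <= len(rdata):
        code, olen = struct.unpack(">HH", rdata[p:p + 4])
        opts[code] = rdata[p + 4:p + 4 + olen]
        p += 4 + olen
    return opts


def locate_opt(msg: bytes):
    """Return (start, end, rdata) of the OPT RR in `msg`, or None if there is no EDNS."""
    qd, an, ns, ar = struct.unpack(">HHHH", msg[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        start = off
        off = skip_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == OPT_TYPE:
            return start, off + rdlen, msg[off:off + rdlen]
        off += rdlen
    return None


def edns_options(msg: bytes) -> dict:
    found = locate_opt(msg)
    return parse_options(found[2]) if found else {}


def build_query(qname: str, qtype: int = 1, signal: bool = True) -> bytes:
    """Resolver side: A query over Do53 whose OPT RR asks 'do you speak ADoT?'."""
    header = struct.pack(">HHHHHH", 0x1234, 0x0000, 1, 0, 0, 1)  # ARCOUNT=1 for OPT
    question = encode_name(qname) + struct.pack(">HH", qtype, 1)
    return header + question + make_opt({ADOT_SIGNAL_OPTION: b""} if signal else {})


def authoritative_respond(query: bytes, supports_adot: bool) -> bytes:
    """Server side: echo the signal option only if asked and ADoT is supported."""
    question = query[12:skip_name(query, 12) + 4]
    asked = ADOT_SIGNAL_OPTION in edns_options(query)
    header = struct.pack(">HHHHHH", 0x1234, 0x8400, 1, 0, 0, 1)  # QR|AA set
    echo = {ADOT_SIGNAL_OPTION: b""} if (asked and supports_adot) else {}
    return header + question + make_opt(echo)


def strip_option(msg: bytes, code: int) -> bytes:
    """On-path attacker: rewrite the OPT RR so the upgrade signal disappears."""
    found = locate_opt(msg)
    if not found:
        return msg
    start, end, rdata = found
    opts = parse_options(rdata)
    opts.pop(code, None)
    return msg[:start] + make_opt(opts) + msg[end:]


def resolver_choose_port(response: bytes) -> int:
    """Resolver side: retry on 853 only if the server echoed the signal."""
    return PORT_DOT if ADOT_SIGNAL_OPTION in edns_options(response) else PORT_DO53


def run_scenarios() -> dict:
    q = build_query("example.com.")
    honest = authoritative_respond(q, supports_adot=True)
    legacy = authoritative_respond(q, supports_adot=False)
    downgraded = strip_option(honest, ADOT_SIGNAL_OPTION)  # attacker in the path
    return {
        "adot_server": resolver_choose_port(honest),
        "legacy_server": resolver_choose_port(legacy),
        "adot_server_with_on_path_stripper": resolver_choose_port(downgraded),
    }


if __name__ == "__main__":
    for name, port in run_scenarios().items():
        print(f"{name}: resolver continues on port {port}")
```

The third scenario is the point of the message's caveat: because the signal travels unauthenticated over port 53, an attacker who can edit one reply makes an ADoT-capable server look like a legacy one, exactly as stripping STARTTLS does for SMTP. A resolver that wants to resist this needs the equivalent of MTA-STS or a signed TLSA record, that is, a policy it obtains and verifies out of band rather than a hint it reads from the very channel the attacker controls.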