[dns-privacy] Warren Kumari's Discuss on draft-ietf-dprive-rfc7626-bis-06: (with DISCUSS and COMMENT)
Warren Kumari via Datatracker <noreply@ietf.org> Mon, 05 October 2020 21:42 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: dns-privacy@ietf.org
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id E32CB3A0FBD; Mon, 5 Oct 2020 14:42:11 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Warren Kumari via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-dprive-rfc7626-bis@ietf.org, dprive-chairs@ietf.org, dns-privacy@ietf.org, Brian Haberman <brian@innovationslab.net>, dns-privacy@ietf.org, brian@innovationslab.net
X-Test-IDTracker: no
X-IETF-IDTracker: 7.19.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Warren Kumari <warren@kumari.net>
Message-ID: <160193413191.28964.1483642169279931217@ietfa.amsl.com>
Date: Mon, 05 Oct 2020 14:42:11 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/KGKoO78ldSfz8-Ozba6hI2Y-c2c>
Subject: [dns-privacy] Warren Kumari's Discuss on draft-ietf-dprive-rfc7626-bis-06: (with DISCUSS and COMMENT)
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2020 21:42:12 -0000
Warren Kumari has entered the following ballot position for draft-ietf-dprive-rfc7626-bis-06: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-dprive-rfc7626-bis/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Apologies for changing my YES to a DISCUSS -- I found a later version of my notes on this draft. My DISCUS is specifically around the"The Alleged Public Nature of DNS Data" / "It has long been claimed that "the data in the DNS is public" section -- it seems to be unnecessarily creating and then shooting down a strawman. The "the data in the DNS is public" aphorism talks is more about the confidentiality one can expect **publishing** data in the DNS, not the privacy of the lookups. This whole section (to my mind) undersells the threat that publishing something in the DNS and expecting it to remain private creates -- for example, I'd be extremely foolish to insert: my-password-fd345432233e.example.com 600 IN TXT "Hunter2" Services like Farsight Securities (excellent!) DNSDB will likely capture this almost as soon as I use it somewhere. In addition, the "Due to the lack of search capabilities, only a given QNAME will reveal the resource records associated with that name" sentence is either false, or at the very least, misleading. $ dig +dnssec foo.ietf.org | grep NSEC clearly tells me that the names etherpad.ietf.org and ftp.ietf.org both exist, and $ dig +dnssec ftpa.ietf.org | grep NSEC tells me that the next name is guides.ietf.org.... I think that the last 4 or 5 sentences of the section are useful, but that the rest of the section is actively dangerous as it is likely to be misunderstood. Please don't misunderstand - I still believe that the document itself is really important and useful, but the section seems dangerous (and yes, I realize that it is in RFC7626) ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- [Edit: I accidentally hit "Send" too early; I have another few comments, also non-blocking: 1: "Also, sometimes, the QNAME embeds the software one uses, which could be a privacy issue. For instance, _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.example.org."... Unless you are a Microsoft or DNS weenie, this is likely not at clear -- what is being leaked here? The fact that the site uses TCP? LDAP? Windows? Goldbach's Conjecture? Example software? (I think adding a sentence here would be helpful...) ] Thank you for this document - it's really useful, and readable as well. I do have a few small comments to (possibly) make it even better - I will in no way be offended if you ignore these... The background on how DNS works is nicely written, and I'm to point people at it when I need to explain how the DNS works -- but I think a better name example than: "What are the SRV records of _xmpp-server._tcp.example.com?" would be good -- SRV is an unusual record type, and names with underscores surprise people. I'd instead suggest "What is the MX records for example.com" or "What is the A record for ftp.example.com?" -- I'm only mentioning this because the rest of the section is a very general introduction and this might confuse newcomers... "At the time of writing, almost all this DNS traffic is currently sent in clear (i.e., unencrypted). However there is increasing deployment of DNS-over-TLS (DoT) [RFC7858] and DNS-over-HTTPS (DoH) [RFC8484], particularly in mobile devices, browsers, and by providers of anycast recursive DNS resolution services." I think that you might want to remove the "particularly in ..." - I suspect that it will not age well; the document does say "At the time of writing" and "increasing", etc., but this document is likely foundational enough that it will still be referenced many many years from now, and this text may just cloud matters then. Whatever the case, thanks again for this document!
- [dns-privacy] Warren Kumari's Discuss on draft-ie… Warren Kumari via Datatracker
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Brian Haberman
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Warren Kumari
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Tim Wicinski
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Rob Sayre
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Peter Koch
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Warren Kumari
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Rob Sayre
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Tim Wicinski
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Warren Kumari
- Re: [dns-privacy] Warren Kumari's Discuss on draf… Eric Vyncke (evyncke)