Re: [dns-privacy] [art] [Ext] Artart last call review of draft-ietf-dprive-unilateral-probing-12
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 13 September 2023 00:26 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CB4DC13AE3C; Tue, 12 Sep 2023 17:26:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.313
X-Spam-Level:
X-Spam-Status: No, score=-1.313 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="hzjbl6I7"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="WvfY5/zk"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nlcyO7B6AcbP; Tue, 12 Sep 2023 17:26:12 -0700 (PDT)
Received: from che.mayfirst.org (unknown [162.247.75.117]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1F84C151707; Tue, 12 Sep 2023 17:26:11 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1694564770; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=BSAUefglay3vdhMSfmvEkNGmj7wa2Ahc+zHV6SM2QVM=; b=hzjbl6I749YD/JzoiycOnsUsnIdfA/sWKUwyMlTx20UjhK+tGBwa2V2v4t/G30YAtXTEF 81TtybqSTx+1a1aCQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1694564770; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=BSAUefglay3vdhMSfmvEkNGmj7wa2Ahc+zHV6SM2QVM=; b=WvfY5/zksnvZiwfuSDnwfgPWQWDUnYjRIInWWJY2d3paDs35CkwwnXCxGPzxRVr7v1Z3b /g5+Em78gMJSiZ9V5vt5byXDSRz3+U+mwLVr5RIJAcuJUwSBIv2cgl47cntIJmPdcIBEaVK bjlDP2vS2OeHxKeszKxLKokANyk8xsdSSs9RqnF9FSbof0+jUCVK5Uz9xe51YeYROmINgra TNMYwQTRRRHRidNoPuLct/qZA2Sf+MQtXgzkg8vXCHXEXhGCwRLxBMTei9CnB1TGQHYgD7R mpSSgik16JA5R97sMJzvQk5lOUdmnerPMB+/VL9071FgX4w1XLMZx9FKjFFA==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id F004BF9E6; Tue, 12 Sep 2023 20:26:09 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id E8F0E204F1; Tue, 12 Sep 2023 20:26:06 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Rob Sayre <sayrer@gmail.com>, Paul Hoffman <paul.hoffman@icann.org>
Cc: Bron Gondwana <brong@fastmailteam.com>, "art@ietf.org" <art@ietf.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, "draft-ietf-dprive-unilateral-probing.all@ietf.org" <draft-ietf-dprive-unilateral-probing.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
In-Reply-To: <CAChr6Sydrhs9i+WnzA9gBOuvGCE7_5ndNEJEmUTZLKxU6e9YrQ@mail.gmail.com>
References: <169409620800.15857.16759296263081674061@ietfa.amsl.com> <EC3FE6BF-3296-404F-A888-F2D3D0573FE4@icann.org> <932d01e4-1bc1-46b9-bd8b-76241b42461c@app.fastmail.com> <F7A25965-3570-4516-9D1B-74D0EA93DC4F@icann.org> <CAChr6Sydrhs9i+WnzA9gBOuvGCE7_5ndNEJEmUTZLKxU6e9YrQ@mail.gmail.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEX+i03xYJKwYBBAHaRw8BAQdACA4xvL/xI5dHedcnkfViyq84doe8zFRid9jW7CC9XBiI0QQf FgoAgwWCX+i03wWJBZ+mAAMLCQcJEOCS6zpcoQ26RxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNl cXVvaWEtcGdwLm9yZ/tr8E9NA10HvcAVlSxnox6z62KXCInWjZaiBIlgX6O5AxUKCAKbAQIeARYh BMKfigwB81402BaqXOCS6zpcoQ26AADZHQD/Zx9nc3N2kj13AUsKMr/7zekBtgfSIGB3hRCU74Su G44A/34Yp6IAkndewLxb1WdRSokycnaCVyrk0nb4imeAYyoPtBc8ZGtnQGZpZnRoaG9yc2VtYW4u bmV0PojRBBMWCgCDBYJf6LTfBYkFn6YAAwsJBwkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3Rh dGlvbnMuc2VxdW9pYS1wZ3Aub3JnL0Gwxvypz2tu1IPG+yu1zPjkiZwpscsitwrVvzN3bbADFQoI ApsBAh4BFiEEwp+KDAHzXjTYFqpc4JLrOlyhDboAAPkXAP0Z29z7jW+YzLzPTQML4EQLMbkHOfU4 +s+ki81Czt0WqgD/SJ8RyrqDCtEP8+E4ZSR01ysKqh+MUAsTaJlzZjehiQ24MwRf6LTfFgkrBgEE AdpHDwEBB0DkKHOW2kmqfAK461+acQ49gc2Z6VoXMChRqobGP0ubb4kBiAQYFgoBOgWCX+i03wWJ BZ+mAAkQ4JLrOlyhDbpHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3Jnfvo+ nHoxDwaLaJD8XZuXiaqBNZtIGXIypF1udBBRoc0CmwICHgG+oAQZFgoAbwWCX+i03wkQPp1xc3He VlxHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnaheiqE7Pfi3Atb3GGTw+ jFcBGOaobgzEJrhEuFpXREEWIQQttUkcnfDcj0MoY88+nXFzcd5WXAAAvrsBAIJ5sBg8Udocv25N stN/zWOiYpnjjvOjVMLH4fV3pWE1AP9T6hzHz7hRnAA8d01vqoxOlQ3O6cb/kFYAjqx3oMXSBhYh BMKfigwB81402BaqXOCS6zpcoQ26AADX7gD/b83VObe14xrNP8xcltRrBZF5OE1rQSPkMNy+eWpk eCwA/1hxiS8ZxL5/elNjXiWuHXEvUGnRoVj745Vl48sZPVYMuDgEX+i03xIKKwYBBAGXVQEFAQEH QIGex1WZbH6xhUBve5mblScGYU+Y8QJOomXH+rr5tMsMAwEICYjJBBgWCgB7BYJf6LTfBYkFn6YA CRDgkus6XKENukcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmcEAx9vTD3b J0SXkhvcRcCr6uIDJwic3KFKxkH1m4QW0QKbDAIeARYhBMKfigwB81402BaqXOCS6zpcoQ26AAAX mwD8CWmukxwskU82RZLMk5fm1wCgMB5z8dA50KLw3rgsCykBAKg1w/Y7XpBS3SlXEegIg1K1e6dR fRxL7Z37WZXoH8AH
Date: Tue, 12 Sep 2023 20:26:05 -0400
Message-ID: <87a5tqzzoi.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/Lo__Tm_HlsS5KDUO2yax0BYDxTY>
Subject: Re: [dns-privacy] [art] [Ext] Artart last call review of draft-ietf-dprive-unilateral-probing-12
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Sep 2023 00:26:17 -0000
On Thu 2023-09-07 19:38:01 -0700, Rob Sayre wrote: > On Thu, Sep 7, 2023 at 7:15 PM Paul Hoffman <paul.hoffman@icann.org> wrote: > >> On Sep 7, 2023, at 6:58 PM, Bron Gondwana <brong@fastmailteam.com> wrote: >> >> Are you proposing a shorter value for "damping", or a note saying "1 >> day is just the suggested value, you might choose a shorter one if you >> want"? Or something else? >> > >> > I'm suggesting a backoff algorithm which isn't "single failure gives you >> N hours of no retry" - particularly, if you have an existing encrypted >> connection and it has a fault, my reading was that you don't retry at all >> to form an encrypted connection, even when talking to somewhere that has >> previously succeeded. I agree you don't want to try more than once per day >> against a server that's never supported encryption, but if you have had >> consistent success encrypting to a server, then a single failure, you don't >> want to be treating that one the same! It's definitely worth retrying >> faster than a full day later. >> >> This sounds like you want a smaller value than 1 day for `damping` then. >> Because those parameters are only suggested defaults, a resolver operator >> like you could simply change the 1 day to maybe 1 hour, with the risk of >> slowing down resolution to that one nameserver. > > I think you might want to rephrase this part. It seems like you really mean > retries asymptotically approaching a 1 day timeout. What I've found works > is exponential backoff that doesn't get too pessimistic, and also contains > some amount of uncertain time intervals. It seems very dumb at first. But, > if one piece breaks that may have nothing to do with DNS, you will get a > stampede. Introducing a little bit of uncertainty can help. Thanks for all this discussion. The main purpose of having any sort of damping in the draft is to encourage operators of authoritative servers that they will not find themselves in trouble even if they enable encrypted transport briefly for experimentation or evaluation, and then turn it off again. There are two kinds of trouble that such an authoritative server could find itself in: a) It could be flooded with queries on a transport that it no longer supports. b) Queries from recursive resolvers could fail or be substantially delayed when the encrypted transport is disabled. The `damping` parameter primarily influences (a), which i'd argue is likely the less-important of the two, operationally, since it doesn't cost the authoritative operator that much to send a "port closed" ICMP response. ((b) is influenced more by the `timeout` parameter.) It looks to me like it would be fine to introduce something more sophisticated than a static `damping` parameter with the aim of increasing the total amount of encrypted transport happening, but to do so, you'd need to add to the per-authoritative-IP state held by recursive resolver. This would further expand the table "Recursive resolver state per authoritative IP, per encrypted transport", adding more complexity to the implementation. (it looks to me like you could probably do the uncertainty proposal it without adding to the state if you just applied a randomized offset to the test that evaluates: `(T0 - E-completed[X]) > damping` though) If done wrong, it could also increase the risk of (b) happening: in particular, you'd want make sure any change would *only* affect the reversion to "happy eyeballs" style dual querying, rather than avoiding the cleartext queries for too long. and of course, happy-eyeballs-style queries will leak information. From my perspective, the simple approach described in the draft is a good opportunistic baseline -- minimally complex, works fine (opportunistically) with a functioning server in the absence of an active attacker, and fails gracefully in the face of errors on the server side. Any subsequent draft that specifies strong (non-opportunistic) confidentiality for DNS queries should of course be more cautious. But i think sticking with the simplest guidance that provides moderate confidentiality for this case is the right way to go. If implementers end up doing something more sophisticated i'd hope they would report back on what they did and what parameters they chose. I don't think more sophistication or complexity needs to be in this particular draft, though. --dkg
- [dns-privacy] Artart last call review of draft-ie… Bron Gondwana via Datatracker
- Re: [dns-privacy] [Ext] Artart last call review o… Paul Hoffman
- Re: [dns-privacy] [art] [Ext] Artart last call re… Bron Gondwana
- Re: [dns-privacy] [art] [Ext] Artart last call re… Paul Hoffman
- Re: [dns-privacy] [art] [Ext] Artart last call re… Rob Sayre
- Re: [dns-privacy] [art] [Ext] Artart last call re… Daniel Kahn Gillmor
- Re: [dns-privacy] [art] [Ext] Artart last call re… Rob Sayre