Re: [dns-privacy] [internet-drafts@ietf.org: I-D Action: draft-bortzmeyer-dns-qname-minimisation-00.txt]

[Phillip Hallam-Baker <hallam@gmail.com>]

On Thu, Mar 20, 2014 at 11:32 AM, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
> On Thu, Mar 20, 2014 at 11:09:34AM -0400,
>  Phillip Hallam-Baker <hallam@gmail.com> wrote
>  a message of 50 lines which said:
>
>> minimization might well cause registries to take countermeasures if
>> minimization was to affect their business models.
>
> It's a general problem of security: the Bad Guys take
> countermeasures. It was discussed in depth at the privacy tutorial at
> the last IETF meeting, in London. Someone mentioned "business issues"
> with privacy. And another one replied "anti-spam measures disturbed
> some people's business, too".
>
>> At the moment their servers support NS queries.  But if minimization
>> is introduced they might change policy and start blocking.
>
> This would be a violation of the protocol. We cannot prevent it but we
> can at least call a spade a spade.

I would like to try to avoid the situation where we only ever allow
ourselves to think one move ahead.


>> the code might want to consider counter strategies. For example, if
>> the request is for A records from secret.example.evil, it might
>> query for A records as follows
>>
>> ? A, _.evil
>> ? A, _.example.evil
>> ? A, www.example.evil
>
> Yes, good idea. "A" is probably the less revealing qtype. Should I add
> this trick in the draft?

I think it is useful.

At the very least raise the issue in implementer's minds. This is all
advice to implementers after all.


Least privilege says that we don't need to leak this information and
so we should not.

Another trick that can be played on larger servers is to use cached
data including stale cached data to inform the decision.

--
Website: http://hallambaker.com/