IETF Logo Mail Archive

Re: [dns-privacy] [Ext] DS Hacks

Ben Schwartz <bemasc@google.com> Fri, 06 August 2021 15:21 UTC

Return-Path: <bemasc@google.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E9AAA3A32BF for <dns-privacy@ietfa.amsl.com>; Fri, 6 Aug 2021 08:21:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -18.097
X-Spam-Level:
X-Spam-Status: No, score=-18.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.499, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2OAyWN9zpTXe for <dns-privacy@ietfa.amsl.com>; Fri, 6 Aug 2021 08:21:50 -0700 (PDT)
Received: from mail-wm1-x32e.google.com (mail-wm1-x32e.google.com [IPv6:2a00:1450:4864:20::32e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 989DF3A32BC for <dns-privacy@ietf.org>; Fri, 6 Aug 2021 08:21:50 -0700 (PDT)
Received: by mail-wm1-x32e.google.com with SMTP id n12-20020a05600c3b8cb029025a67bbd40aso9272161wms.0 for <dns-privacy@ietf.org>; Fri, 06 Aug 2021 08:21:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=zYFORYFAkW1q+zkB4W1Hk98JfY1q90lomNlye3zqa0Y=; b=ZYt5bCqIXeUOtyI9b4AZ8Q/rum6Vh4hffRY0obdC1m79PlZr5HzgK65eGzUfyw/Vuy mHpwG6eaxpLx9cv3VoiCnqYOR+3WpKuKXIuaewf4Pb6/FUDTB5A2CHB8Ul9pjMupQGEh 2ND9m4+1IndMaD6IEwKlEyLld/fuKc7wRfTuROjfnDnLAWFk6Rk+Rv8U/uRF0LXGRt+K 29amP96Pbwf04gRnGrpDXWkpNkU5kv/oSiX8Qxf9ELLGPezbR/hmpP0oGJYEf02KZ3jt YBkDrgyrj0Er7Jkh1PQeP+jb0l8zrFx+unOVqUc/QimcEzlwZjzPnaSlQpKWT1fqdcEB a0RA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=zYFORYFAkW1q+zkB4W1Hk98JfY1q90lomNlye3zqa0Y=; b=GTlkLIXARBytOEHe2jsEjmfzzttgn8d6NqQgYbMMvXZrxYwfotTlkdgvh7RCnWxc4E v5tJXzUJaERREp2J/+oNbPovWlUE0BtbmziFDlvaXdqb2PRj7oSRixT+2xeAus+dZyn5 EmRzNOCYiE9QRo/vDp+Vq/uKlOV/nQmUS0uH0z6pkadVxQPLcbjSEQNvZKde6+aML1lc SNHCdMQF07VR6BVG48+E3eKrr5WazJyLiJfR30OjAf6Zyzvwr1KXLU2BfJb3S2I7h6h5 I3ygzmOLtYPnz0/SlYRN1RfbplS0dUp1Qwd+8JYFhTf8C5x0q4tQr5Na5P8rX5Mn/FNq t0vA==
X-Gm-Message-State: AOAM530f1xGFFRHiHbNMQsDofE7Cualn7JfKLF7Hkc1kKf1KPuy8g5Gz gzN2WIQqiR/7ULOiHYukqXwaoq8kEhYUize9iheV9Q==
X-Google-Smtp-Source: ABdhPJxzTqd76+nAxHCxZlSTczQYAg09/OWflOqQy0iqeIzyi2e0hnHFlGLcBqpxjbd3yTVhCNDYuFQxJY5he4v0I6M=
X-Received: by 2002:a7b:c5d2:: with SMTP id n18mr21041689wmk.97.1628263307165; Fri, 06 Aug 2021 08:21:47 -0700 (PDT)
MIME-Version: 1.0
References: <CAHbrMsAXFiPT_P_hdWXborXnbw3YagjW6aXXvGJnxWbtRofB2g@mail.gmail.com> <5f649d68-94be-579a-31c6-6ad02466cd15@time-travellers.org> <CAHbrMsCj8LzJff7BXwnY4TOcOU2POuZfP4h+fyA6VUKeGpksCQ@mail.gmail.com> <E0430A84-D844-4B79-B71F-A92A21942329@icann.org> <CAHbrMsCPPq-o8U4mhFPZ1U+GE+57yneEGo7AD5uDQ_QDDUO0rw@mail.gmail.com> <03FDA925-2BC3-4830-B27B-5F6E19676678@icann.org> <CAPp9mxJM1b4+OFHX0x6QwhoJpE+8Sz82K_e=DJ9EJFaK691_3Q@mail.gmail.com> <4AE29BBE-9B29-4E89-93CF-14153B25FD5C@icann.org>
In-Reply-To: <4AE29BBE-9B29-4E89-93CF-14153B25FD5C@icann.org>
From: Ben Schwartz <bemasc@google.com>
Date: Fri, 06 Aug 2021 11:21:35 -0400
Message-ID: <CAHbrMsBQ88mKx-FLU0KT8W-AGyi=3HS3f5nuSO93-TOo_HTyNw@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: Robert Evans <evansr@google.com>, DNS Privacy Working Group <dns-privacy@ietf.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="0000000000000cad8905c8e598be"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/Q1YnBT_udhJ5pOI5yPY6tFwIdfU>
Subject: Re: [dns-privacy] [Ext] DS Hacks
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Aug 2021 15:21:56 -0000

Hi DPRIVE.  I've written this up as a proper I-D at
https://datatracker.ietf.org/doc/html/draft-schwartz-ds-glue-00.  Please
review.

In addition to the precise description of how to extend "DS" in this way,
there's also some text explaining how this interacts with DANE and PKI
authentication, making creative use of NSEC for performance.

On Fri, Jul 30, 2021 at 4:49 PM Paul Hoffman <paul.hoffman@icann.org> wrote:

> Thanks! If this is indeed what Ben meant, that works for me. (Apologies
> for being That Kind Of Person who mostly thinks in examples...)
>
> Given the discussion yesterday, we would also want a signal for
> "authenticate me or die" versus "I'm fine if you can't authenticate me",
> but that's an easy detail to add to the format.
>
> --Paul Hoffman
>
> On Jul 30, 2021, at 12:29 PM, Robert Evans <evansr@google.com> wrote:
> >
> > If I understand correctly, the encoding could cover any below-the-cut
> records in the referral response.
> >
> > For in-bailiwick response, this would be the child NS rrset, glue A/AAAA
> records, and SVCB records:
> >
> > ;; Authority
> > example.com [example.com] NS ns1.example.com
> > example.com [example.com] NS ns2.example.com=
> >
> > ;; Additional
> > ns1.example.com [ns1.example.com] A 192.0.2.1
> > ns1.example.com [ns1.example.com] AAAA 2001:db8::1
> > ns2.example.com [ns2.example.com] A 192.0.2.2
> > ns2.example.com [ns2.example.com] AAAA 2001:db8::2
> >
> > There could be a DS record that contains encoded RDATA:
> > rr_type=NS prefix=<empty> rdata="ns1.example.com"
> > rr_type=NS prefix=<empty> rdata="ns2.example.com"
> > rr_type=A prefix=ns1 rdata="192.0.2.1"
> > rr_type=A prefix=ns2 rdata="192.0.2.2"
> > rr_type=AAAA prefix=ns1 rdata="2001:db8::1"
> > rr_type=AAAA prefix=ns2 rdata="2001:db8::2"
> > rr_type=SVCB prefix=_dns.ns1 rdata="ns1.example.com 1 alpn=dot
> adox=tlsa"
> > rr_type=SVCB prefix=_dns.ns2 rdata="ns2.example.com] 1 alpn=dot
> adox=pki"
> >
> > (Or maybe leave out the A and AAAA records, but that makes it easier for
> attackers to trick resolvers into talking to malicious endpoints.)
> >
> > For out-of-bailiwick response, this would be only child NS records.
> >
> > ;; Authority
> > example.com [example.com] NS ns1.other-example.com
> > example.com [example.com] NS ns2.other-example.com
> >
> > ;; Additional
> > <empty>
> >
> > There would be a DS record that contains encoded RDATA:
> > rr_type=NS prefix=<empty> rdata="ns1.other-example.com"
> > rr_type=NS prefix=<empty> rdata="ns2.other-example.com"
> >
> > This referral conveys no authenticated SVCB (only authenticated NS
> names), so encryption-aware recursive resolvers would query for SVCB in
> parallel with A and AAAA queries for the name servers.
>
>

v2.23.0 | Report a Bug | By Email