[dns-privacy] Restarting the discussion of draft-ietf-dprive-unilateral-probing

Paul Hoffman <paul.hoffman@icann.org> Tue, 12 July 2022 18:46 UTC

From: Paul Hoffman <paul.hoffman@icann.org>
To: DNS Privacy Working Group <dns-privacy@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/TbaAmShOlRkJJJR9qxdO8vc8JNY>
Subject: [dns-privacy] Restarting the discussion of draft-ietf-dprive-unilateral-probing

Greetings again, and thank you to everyone who contributed comments on the -00 draft. As you can see, we published the -01 draft yesterday, and would love to get some discussion happening on the list to help focus the discussion at IETF 114. (I say "we" because dkg and Joey were kind enough to add me as a co-author!)

As you can see from the diffs, there are a lot of changes in -01. The most significant technical change is the addition of a new field, E-last-response, the timestamp of the most recent response received on an established connection. This makes the checks for persistence more accurate.

There are still some issues to be resolved in the draft; they are marked with "FIXME". In specific:

- Should Extended DNS Errors (EDEs) be passed on to clients that have requested them? Is this different between encrypted and unencrypted transport?

- Should resumption tickets be used when encrypted transport fails?

- Should we further refine (past what is already in the document) what to do when encrypted transport fails? A few examples are given.

We also have a few open issues tracked in our GitLab repo at <https://gitlab.com/dkg/dprive-unilateral-probing/-/issues>.

Please review any/all of the above, and if you have a comment, please open a new thread here on the mailing list. We can also take new issues here or in the tracker, and we know that all issues should be resolved here on the list.

DPRIVE has a short meeting at IETF 114 (we're in a slot with the ADD WG, and they have three drafts that are about to go to IESG ballot), but it would be great if we can spend it working on issues instead of the typical slideware presentation just listing the issues.

--Paul Hoffman
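An added illustration, not part of the message above nor code from the draft, of why a probing resolver wants E-last-response in its per-server record: persistence is judged from the most recent response on the established encrypted connection rather than from the original handshake. The state-transition logic, the three-day persistence window and the one-day damping window are assumptions made for this example, not values taken from the draft.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical parameters (not from the message): how long a successful
# encrypted transport is trusted after its last response, and how long a
# resolver waits before re-probing a server whose probe failed.
PERSISTENCE_SECONDS = 3 * 24 * 3600
DAMPING_SECONDS = 24 * 3600


@dataclass
class EncryptedTransportState:
    """Per-authoritative-server record kept by a probing resolver."""
    status: str = "unknown"                # "unknown", "success" or "fail"
    initiation: Optional[float] = None     # start of the most recent probe
    last_response: Optional[float] = None  # E-last-response: newest DNS response
                                           # received over an established connection

    def record_probe_started(self, now: float) -> None:
        self.initiation = now

    def record_handshake_ok(self, now: float) -> None:
        self.status = "success"
        self.last_response = now

    def record_response(self, now: float) -> None:
        # Any response on the encrypted connection refreshes E-last-response.
        if self.status == "success":
            self.last_response = now

    def record_failure(self, now: float) -> None:
        self.status = "fail"
        self.initiation = now

    def is_persistent(self, now: float) -> bool:
        """Encrypted transport is still considered live only if the most recent
        response (not merely the original handshake) is recent enough."""
        if self.status != "success" or self.last_response is None:
            return False
        return now - self.last_response <= PERSISTENCE_SECONDS

    def should_probe(self, now: float) -> bool:
        """Probe unknown servers, re-probe failed ones after the damping window,
        and re-probe successful ones whose last response has gone stale."""
        if self.status == "unknown":
            return True
        if self.status == "fail":
            return self.initiation is None or now - self.initiation >= DAMPING_SECONDS
        return not self.is_persistent(now)


def choose_transport(state: EncryptedTransportState, now: float) -> str:
    """Use encrypted transport while the record is persistent; otherwise cleartext."""
    return "encrypted" if state.is_persistent(now) else "cleartext"
```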