Re: [dns-privacy] ODoH RFC SetupBaseS clarification
Christopher Wood <caw@heapingbits.net> Wed, 10 August 2022 14:07 UTC
Return-Path: <caw@heapingbits.net>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B0DDC15948D for <dns-privacy@ietfa.amsl.com>; Wed, 10 Aug 2022 07:07:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=heapingbits.net header.b=RjrVj5ai; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=aUrD1yrJ
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OLcwkrwjvBZZ for <dns-privacy@ietfa.amsl.com>; Wed, 10 Aug 2022 07:07:49 -0700 (PDT)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7C2C6C14F743 for <dns-privacy@ietf.org>; Wed, 10 Aug 2022 07:07:49 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id A25A15C0195; Wed, 10 Aug 2022 10:07:45 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute1.internal (MEProxy); Wed, 10 Aug 2022 10:07:45 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=heapingbits.net; h=cc:cc:content-transfer-encoding:content-type:date:date:from :from:in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm1; t=1660140465; x= 1660226865; bh=mqHfnf2hkxRrwYGSqdu5Rj6ckdwHKCOiz/fPEQJTMHQ=; b=R jrVj5aiSWBeRFBJvpnVkG17oS1i8eiAof5+gLM1znpFDCSX8DRQycoulPKQIAUpW o8GEhoIYveXIGOS6Ak/SCG8wrio5pyzKVM9Cd4qLpPOKxerWUGrgbNbfYNPKhcBu QVHtlxqtUd/ACsXvc2JIaNoi+D+9E6+1aFGfea9/93KvF7cedMGoKGrfRrDrVSDX PBHkxE4G1wjFTEUAXHUMw/jkSnhs4aCJ2UiQCbgaH3GDJOEWy8cstZuHRKqQlmH+ Y0RSeM6IttZWWgeKWqKy4pICVeqmRRRvjSXcGLcjDS5OR0ku45jiYosy2KGR/CjE VOhVyV1DZzvVvxRzu7EGA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1660140465; x= 1660226865; bh=mqHfnf2hkxRrwYGSqdu5Rj6ckdwHKCOiz/fPEQJTMHQ=; b=a UrD1yrJQFjvelkpLRBHWrViLrIfzWcN7vQSpDZq/Irf+uZnWK2rju56SMHhpQ2Dd x1uejkWqYcyb37/qlqZyMq7UZXTWWteL832dNZBIJHl94VFtnJ7zaV0Xn8IT8i3y CXx0RomWS611i62Ha2kWGiVZEjnV4HRufVNDfGagYiZPxlgke8XZgWh9Lv6fPuZ4 HhGB3cMcJmqYaRTbnckvDG/a5aMQT1xjsUnpao9nUgeWLkOvHntLKKUZHgfRhUG9 tM51ZoOML+bJEHTMVslNtPwSgB2QxYVUrKb7IKmJwdpikUP1HYqR82Z/0QKKv2QG LOsNYQ8l5Y9asUAm9s7tQ==
X-ME-Sender: <xms:sbvzYusbXHzNW3VHvXyLgfIORE_Kx7MRhIje8dDgOtrMhzJDrZLOAw> <xme:sbvzYjch54LQstNvGn8_y-C8lxNJtc2zpRzP9bc2tifCjDaNDbl8I05oaSiKxzfIQ kR98auAFWd627WXWaM>
X-ME-Received: <xmr:sbvzYpzmVKxLD3UQxZKugw1EeUsxBoiNtKymR3aM99mrP-7WkFfLRRJFjQsneeiIWNrm-_vEUrWs-9hj3Wsv4DGwnKHJoazsudg>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdegvddgjedtucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpegtggfuhfgjffevgffkfhfvofesth hqmhdthhdtjeenucfhrhhomhepvehhrhhishhtohhphhgvrhcuhghoohguuceotggrfies hhgvrghpihhnghgsihhtshdrnhgvtheqnecuggftrfgrthhtvghrnhepgeehuddtveekle eijeefgeeutdefheelteelhfdtledvuddtffekueeugeettedtnecuffhomhgrihhnpehg ihhthhhusgdrtghomhdpihgvthhfrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenuc frrghrrghmpehmrghilhhfrhhomheptggrfieshhgvrghpihhnghgsihhtshdrnhgvth
X-ME-Proxy: <xmx:sbvzYpPECcykCe8Wz54McfCbvv6BI0G4Y4KDezueGtoFO6NC8-cO5w> <xmx:sbvzYu-IjJTZA3eBTkaFbnmaUJNuqFKDF2zluAX1AwEGbMd6h0QySg> <xmx:sbvzYhWkF4KQ6qesruEFr9u_oWhtkDGNTI5WJ53iamYxRxhOG_Ayfg> <xmx:sbvzYjG7BVOSeY1SIv3xkSmHkMiW1QlNaFAm1zIP6IzkVzc7irlApg>
Feedback-ID: i2f494406:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 10 Aug 2022 10:07:45 -0400 (EDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\))
From: Christopher Wood <caw@heapingbits.net>
In-Reply-To: <BL0PR01MB4387AFD8D7C2895F2392433EA5659@BL0PR01MB4387.prod.exchangelabs.com>
Date: Wed, 10 Aug 2022 10:07:44 -0400
Cc: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <7894036A-5F08-4D28-961D-A3C98C8A080C@heapingbits.net>
References: <BL0PR01MB438718D20FCC518DFEDA5BF1A5659@BL0PR01MB4387.prod.exchangelabs.com> <BL0PR01MB4387AFD8D7C2895F2392433EA5659@BL0PR01MB4387.prod.exchangelabs.com>
To: Ravi sankar MANTHA <r.mantha=40f5.com@dmarc.ietf.org>
X-Mailer: Apple Mail (2.3696.80.82.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/U15E2tjkf85nvHV9diwhniCTxFw>
Subject: Re: [dns-privacy] ODoH RFC SetupBaseS clarification
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Aug 2022 14:07:53 -0000
Hi Ravi, Most implementations allow applications to provide a source of randomness (via, e.g., a rand.Reader-like interface) for the purposes of deriving the client’s ephemeral key share. As this is an implementation detail, neither the HPKE nor ODoH RFCs explicitly specify how randomness is provided, so I don’t any change is needed here. If an HPKE implementation is _not_ using randomness for generating an ephemeral key share, then it’s horribly broken. Best, Chris > On Aug 10, 2022, at 5:09 AM, Ravi sankar MANTHA <r.mantha=40f5.com@dmarc.ietf.org> wrote: > > > Hi, > > In Section 6.2 of RFC 9230, its mentioned that SetupBaseS takes only 2 parameters (pkR, "odoh query") > > However, reference implementations are indeed using a randomiser from client side. > > enc, ctxI, err := hpke.SetupBaseS(suite, rand.Reader, pkR, []byte(ODOH_LABEL_QUERY)) > (https://github.com/cloudflare/odoh-go/blob/7c6d9ff448c53e0e546f2afe915ad9608e11f7bd/odoh.go#L471) > > This has an implication on target implementations, > > If Targets assume the randomizer is not present in shared secret derivation, then Context is unique for Target Public Key and they may choose not to store/derive it per message per Public Key. > > If random seed is present, then contexts are unique only per message (DSN Query). > > So, this has an interoperability impact as Encrypt/Decrypt fails for Query Responses if wrong shared key/Context is used on Target side. > > IMHO, we might need to clarify this in RFC either by updating pseudocode for SetupBaseS or add a note that Target should derive shared secret/Context with every oblivious DNS query. Or its implicit somewhere in the RFC ? > > Regards, > > Ravi Mantha > > > > > _______________________________________________ > dns-privacy mailing list > dns-privacy@ietf.org > https://www.ietf.org/mailman/listinfo/dns-privacy
- [dns-privacy] ODoH RFC SetupBaseS clarification Ravi sankar MANTHA
- Re: [dns-privacy] ODoH RFC SetupBaseS clarificati… Christopher Wood
- Re: [dns-privacy] ODoH RFC SetupBaseS clarificati… Ravi sankar MANTHA