Re: [dns-privacy] [SPAM] Re: New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt
"Hosnieh Rafiee" <ietf@rozanak.com> Wed, 20 August 2014 20:18 UTC
Return-Path: <ietf@rozanak.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CA161A0894 for <dns-privacy@ietfa.amsl.com>; Wed, 20 Aug 2014 13:18:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.568
X-Spam-Level:
X-Spam-Status: No, score=-2.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sULIV0XrJ8zf for <dns-privacy@ietfa.amsl.com>; Wed, 20 Aug 2014 13:18:33 -0700 (PDT)
Received: from mail.rozanak.com (mail.rozanak.com [IPv6:2a01:238:42ad:1500:aa19:4238:e48f:61cf]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 396D61A0701 for <dns-privacy@ietf.org>; Wed, 20 Aug 2014 13:18:33 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mail.rozanak.com (Postfix) with ESMTP id A47485660140; Wed, 20 Aug 2014 20:18:30 +0000 (UTC)
X-Virus-Scanned: amavisd-new at rozanak.com
Received: from mail.rozanak.com ([127.0.0.1]) by localhost (mail.iknowlaws.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MQMkIq--W8ss; Wed, 20 Aug 2014 22:18:00 +0200 (CEST)
Received: from kopoli (p5DCC776E.dip0.t-ipconnect.de [93.204.119.110]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.rozanak.com (Postfix) with ESMTPSA id 91C22566013B; Wed, 20 Aug 2014 22:18:00 +0200 (CEST)
From: Hosnieh Rafiee <ietf@rozanak.com>
To: Andrew Sullivan <ajs@crankycanuck.ca>
References: <00ba01cfbbf9$d561f010$8025d030$@rozanak.com> <20140820143453.GD1065@mx1.yitter.info> <814D0BFB77D95844A01CA29B44CBF8A7A28554@lhreml513-mbb.china.huawei.com> <20140820152343.GH1065@mx1.yitter.info> <814D0BFB77D95844A01CA29B44CBF8A7A285FA@lhreml513-mbb.china.huawei.com> <20140820155522.GJ1065@mx1.yitter.info>
In-Reply-To: <20140820155522.GJ1065@mx1.yitter.info>
Date: Wed, 20 Aug 2014 22:17:57 +0200
Message-ID: <006201cfbcb3$d64e0940$82ea1bc0$@rozanak.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQKUPlzldp8EhTskZiJwFszuzAaxyAJcgbntAd3fAtYBfgMRSgJ6DAKrAnqN6C+Z+3GvoA==
Content-Language: en-us
Archived-At: http://mailarchive.ietf.org/arch/msg/dns-privacy/cBCn53a4jGi8PviQIYNGHr3EhA8
Cc: dns-privacy@ietf.org
Subject: Re: [dns-privacy] [SPAM] Re: New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Aug 2014 20:18:35 -0000
Andrew, > Let us be concrete. There are four cases: > > 1. A stub that connects to whatever resolver it gets by magic from DHCP. > > 2. A stub that connects to a specific resolver on the same network as itself. > This is like your ISP's resolver, when you specifically configure the resolver. > > 3. A stub that connects to a specific resolver over the public Internet. This is > like using Google's public DNS service. > > 4. A full-service resolver. > In (1), othing can help, because DHCP is kind of trivial to subvert, so you could > be talking to anything. In (2), your arguments sort of work, because the attack > is localized attempting to snarf _particular_ traffic. In > (3), however, your > arguments don't work: the threat is not actually to particular traffic, but to > _all_ traffic; and any attack that would actually depend on spoofing addresses > or the like would be observable by the service provider, which foils the > attack. I am not agree on this point. This point actually flashed a new idea on a possible attack that I haven't thought before.... so now encryption doesn't help user's privacy if this is for item 3. Before going further, I start with a question and some reasons as follows. Question: What is specific about that sort of traffic in item 3 when the observers can easily obtain those domains themselves from those public DNS servers or from some public websites that gathered all domain names (like ALEXA or etc.) What do we want to hide in those traffics? If I get answer to this question, maybe I get convinced that an observer makes sense for this scenario and encryption helps without authentication. reason: there is almost no *actual* valid IPv4 addresses ( all nodes are behind a NAT) and often DNS servers do not support IPv6 addresses. Do you agree? In other words, that traffic does not show any actual person to hide his/her privacy. It is just a general IP addresses that requested a certain website. This is different than the argument of Paul about Wifi (that argument is on point 2 or 1) did I understand you correctly that you agree with my argument about active attack instead of observer? (if not I probably misunderstood you and please correct me) So, in my opinion, the observer is interested only certain data. DNS server only point a person to certain server or website or whatever service available. If the observer sit where the traffic of one of backbone routers passed by and interested on the information comes from a certain network, what he might do is 1-he filters that traffic based on the IP address (this IP address is of course belongs to a certain network) , He even doesn't care whether or the traffic to DNS server is encrypted. He might also not play a role of active attacker -- if you say he will be detected... (of course I doubt, because he might be detected if he does this for a long time)-- 2- He sees that the traffic goes to DNS server but encrypted. His filters show that next traffic goes to certain website... or server...OK!... then what was hidden for him? Isn't it the traffic that we wanted to hide from him by using an encryption mechanism. In other words, isn't it that encrypted traffic that easily observed by this unwanted person? > In (4), of course, we don't have the problem. I include it because the > validating stub in effect ends up having to chase most things itself, so it > devolves to this. > > Your argument works if one is trying to prevent someone getting particular > traffic. If the threat, however, is the general snarfing up of all the traffic > towards a particular resolver with the goal of learning about all of its traffic, > then even if some of it leaks that's not a big deal. In this case, failing to > authenticate the resolver presents no real additional vulnerability. Now I think it works even without that.. if you really like to use only observer in your traffic. Best, Hosnieh
- [dns-privacy] New draft on encrypting the stub-to… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Joe Abley
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Carsten Strotmann
- Re: [dns-privacy] New draft on encrypting the stu… 神明達哉
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Carsten Strotmann
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Stephane Bortzmeyer
- Re: [dns-privacy] New draft on encrypting the stu… 神明達哉
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Jacob Appelbaum
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Paul Wouters
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- [dns-privacy] draft-hoffman-dns-tls-stub-01 posted Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… David Ulevitch
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Wes Hardaker
- [dns-privacy] Authenticating the resolver Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Mark Andrews
- Re: [dns-privacy] New draft on encrypting the stu… Wes Hardaker
- Re: [dns-privacy] Authenticating the resolver Wes Hardaker
- Re: [dns-privacy] Authenticating the resolver Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… John Heidemann
- Re: [dns-privacy] New draft on encrypting the stu… Phillip Hallam-Baker