Re: [dns-privacy] ENDS0 Padding Profile: Rough first draft

Hugo Connery <hmco@env.dtu.dk> Tue, 01 November 2016 11:09 UTC

Message-ID: <1477998568.4843.13.camel@env.dtu.dk>
From: Hugo Connery <hmco@env.dtu.dk>
To: Alexander Mayrhofer <alex.mayrhofer.ietf@gmail.com>, <dns-privacy@ietf.org>
Date: Tue, 1 Nov 2016 12:09:28 +0100
In-Reply-To: <CAHXf=0p+Afhs27SQraupwyF4DO9on4a3aJKJ_B7Gc+gHzBmqtQ@mail.gmail.com>
References: <CAHXf=0p+Afhs27SQraupwyF4DO9on4a3aJKJ_B7Gc+gHzBmqtQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/e8Sb7nD3m-IgJTjUxDO1o2VKs2E>

Hi,

The document looks like a great start.  

You seem to be using 'strategy' (28 times) and 'profile' (8 times)
interchangeably. You may wish to prefer one over the other, or
clearly delineate the difference in meaning.

The list of strategies looks great.  Perhaps you could mention
the "pad the message to the maximum possible message length" 
explicitly as a sub-case of "Block Length Padding".  

I am not recommending it, but it has the maximum "confidentiality"
property (all EDNS messages look identical -- random noise of the same
size). Thus, it probably deserves an explicit mention, in the same
way that "no padding" deserves a mention as it has the minimum
"confidentiality" property.

You spell length as lenght twice in the first paragraph of section 4.5.

Regards,  Hugo Connery

On Mon, 2016-10-31 at 22:40 +0100, Alexander Mayrhofer wrote:
> Hi,
> 
> I've posted a first rough cut of a "Padding Profile" draft,
> describing strategies regarding EDNS0 padding size (which we
> specifically did *not* address in RFC 7830):
> 
> https://tools.ietf.org/html/draft-mayrhofer-dprive-padding-profile-00
> 
> It's more like a "strawman proposal" rather than a polished document
> in the current version, but I'm more than happy to talk about it in
> Seoul if we have time. See the full I-D announcement below.
> 
> best,
> Alex
> 
> 
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> 
> 
>         Title           : Padding Profiles for EDNS(0)
>         Author          : Alexander Mayrhofer
>         Filename        : draft-mayrhofer-dprive-padding-profile-00.txt
>         Pages           : 6
>         Date            : 2016-10-31
> 
> Abstract:
>    RFC 7830 specifies the EDNS0 'Padding' option, but does not specify
>    the amount of padding to be used in specific applications.  This memo
>    lists the possible options ("Padding Profiles"), discusses the
>    implications of each of these options, and provides implementation
>    guidance.
> 
> 
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-mayrhofer-dprive-padding-profile/
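
Added example, not part of the original message or of the draft: a sketch of "Block Length Padding" using the RFC 7830 Padding option, showing that padding to the maximum message length is the sub-case where the block length equals the maximum. The sample message lengths and the 512-octet maximum are assumptions chosen for illustration.

```python
import struct

PADDING_OPTION_CODE = 12  # EDNS(0) Padding option code (RFC 7830)
OPTION_HEADER_LEN = 4     # OPTION-CODE (2 octets) + OPTION-LENGTH (2 octets)

def padding_length(msg_len, block_len, max_len):
    """Padding octets needed so the message, including the Padding option
    header, ends on a multiple of block_len without exceeding max_len."""
    if block_len <= 0 or max_len <= 0:
        raise ValueError("block_len and max_len must be positive")
    unpadded = msg_len + OPTION_HEADER_LEN
    if unpadded > max_len:
        raise ValueError("no room left for a Padding option")
    pad = -unpadded % block_len
    # If the next block boundary lies beyond max_len, fill up to max_len.
    return min(pad, max_len - unpadded)

def build_padding_option(pad_len):
    """Wire format of the option: code, length, then pad_len zero octets."""
    return struct.pack("!HH", PADDING_OPTION_CODE, pad_len) + b"\x00" * pad_len

def distinct_sizes(msg_lens, block_len, max_len):
    """Set of on-the-wire sizes an observer would see for these messages."""
    return {n + len(build_padding_option(padding_length(n, block_len, max_len)))
            for n in msg_lens}

# Constructed sample: lengths of five DNS messages before padding.
SAMPLE_LENGTHS = [29, 45, 61, 130, 300]
MAX_LEN = 512  # assumed maximum message length for this illustration

if __name__ == "__main__":
    print("no padding:      ", sorted(set(SAMPLE_LENGTHS)))
    print("128-octet blocks:", sorted(distinct_sizes(SAMPLE_LENGTHS, 128, MAX_LEN)))
    print("pad to maximum:  ", sorted(distinct_sizes(SAMPLE_LENGTHS, MAX_LEN, MAX_LEN)))
```

With no padding every message length is distinguishable; 128-octet blocks collapse the five samples into three sizes, and a block equal to the maximum collapses them into one.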