[dns-privacy] ADoX experiments (was: Re: Intermediate proposal (what I was saying at the mic))

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 02 August 2021 13:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/eY3FeTDIZRmB5kz5yY3QrUR-PSI>

Hiya,

On 02/08/2021 05:21, Martin Thomson wrote:
> If we decided on a single answer for the first and in the negative
> for the second, would that make authentication viable? 

IMO we ought not just "decide" on most of the tricky ADoX
issues but we should rather document the options sufficient
to allow people to do experiments and then wait and see how
those experiments go. I'd say a stable I-D is probably
enough documentation to allow for experiments and I'd hope
such experiments could be done in 6-12 months. I'd expect
we might still be left with a few tricky issues, but that
a number of those (where we might make wrong choices now)
would be resolved once people try 'em out.

So my suggestion is to review the I-Ds we have with a view
to figuring out what's missing that's needed to allow such
experiments, fix that and then "park" those I-Ds 'till we
get results. That could be similar to how drafts are declared
to be "interop drafts" in other WGs or could be a WGLC-like
process.

If we decided to try go that way, I'd be happy to try help
get some such experiment going.

Cheers,
S.