Re: [dns-privacy] I-D Action: draft-ietf-dprive-dnsoquic-07.txt

Alexander Mayrhofer <alex.mayrhofer.ietf@gmail.com> Thu, 09 December 2021 09:26 UTC

From: Alexander Mayrhofer <alex.mayrhofer.ietf@gmail.com>
Date: Thu, 09 Dec 2021 10:25:52 +0100
Message-ID: <CAHXf=0qQk2zK9_wihfXcnScU9D7oCO5g_quCitGceRszt9HrMQ@mail.gmail.com>
To: DNS Privacy Working Group <dns-privacy@ietf.org>
Cc: i-d-announce@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/h9WoHZD5S6PKa-q2I-m0HO-w3Jw>
Subject: Re: [dns-privacy] I-D Action: draft-ietf-dprive-dnsoquic-07.txt

Sara, Allison, Christian,

I read through the latest revision of DoQ, and I'm afraid I do have a
comment regarding the padding section. More specifically, I think the
second "option" of section 6.4 should refer to the base specification
of EDNS0-Padding, rather than the Padding policies RFC. It currently
reads as:

   *  if padding at the QUIC level is not available or not used, DNS
      over QUIC MUST ensure that all DNS queries and responses are
      padded to a small set of fixed sizes, using the EDNS padding
      extension as specified in "Padding Policies for Extension
      Mechanisms for DNS (EDNS(0))" [RFC8467].

And I do believe that - as the sentence stands - the reference should
be RFC 7830. Note that RFC 8467 is Experimental (and was by intent, as
the privacy properties of Padding would probably shift with more
operational expertise). So, I feel REQUIRING that padding is used
makes more sense than REQUIRING the use of the experimental padding
sizes in RFC8467.

I think the sentence should read "padded to a small set of fixed
sizes, using the EDNS Padding Extension as specified in [RFC7830]."

I like the "aligned with..." text in the previous bullet point, which
could also be used here, indicating that the MUST is for the
padding, and not necessarily for that revision of the padding policy.

It's not a showstopper, though. What do you think?

best,
Alex
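As an added example, not from Alex's message nor from the DoQ draft: the distinction above is between the padding mechanism (RFC 7830, the EDNS(0) Padding option, code 12) and a padding policy (RFC 8467, which recommends padding queries to a multiple of 128 bytes). The code below builds a DNS query and appends an OPT RR with a Padding option so the wire message lands on a chosen block size; the qname, transaction id and block size are constructed sample values.

```python
import struct

PADDING_OPTION_CODE = 12  # EDNS(0) Padding option code assigned by RFC 7830

def encode_name(name: str) -> bytes:
    """Encode a dotted name in DNS wire format (no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(qname: str, qtype: int = 1, txid: int = 0x1234) -> bytes:
    """Minimal recursive query: header (RD=1, QDCOUNT=1) plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, 1)

def build_opt_rr(options: bytes, udp_size: int = 1232) -> bytes:
    """OPT RR: root name, TYPE=41, CLASS=UDP payload size, TTL=0, RDLEN, RDATA."""
    return b"\x00" + struct.pack("!HHIH", 41, udp_size, 0, len(options)) + options

def pad_message(msg_without_opt: bytes, block_size: int) -> bytes:
    """Append an OPT RR carrying one Padding option (RFC 7830) sized so the
    whole message is a multiple of block_size (the block policy of RFC 8467).
    Assumes the input carries no OPT RR yet; ARCOUNT is incremented by one."""
    # Fixed overhead: 11 bytes of OPT RR framing + 4 bytes of option code/length
    overhead = 11 + 4
    base_len = len(msg_without_opt) + overhead
    pad_len = (-base_len) % block_size          # 0 if already aligned
    padding_option = struct.pack("!HH", PADDING_OPTION_CODE, pad_len) + b"\x00" * pad_len
    # Bump ARCOUNT (header bytes 10-11) to account for the appended OPT RR
    arcount = struct.unpack("!H", msg_without_opt[10:12])[0] + 1
    msg = msg_without_opt[:10] + struct.pack("!H", arcount) + msg_without_opt[12:]
    return msg + build_opt_rr(padding_option)

if __name__ == "__main__":
    # Constructed sample: a 29-byte A query padded to the 128-byte query block
    query = build_query("example.com")
    padded = pad_message(query, 128)
    print(len(query), "->", len(padded))
```

Changing the block size is the policy knob (RFC 8467); the OPT RR and option encoding stay the same, which is the mechanism (RFC 7830).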