[dns-privacy] "A Study of Privacy and Anonymity in the DNS"
Stephane Bortzmeyer <bortzmeyer@nic.fr> Fri, 02 September 2016 07:47 UTC
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46D6512D091 for <dns-privacy@ietfa.amsl.com>; Fri, 2 Sep 2016 00:47:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.048
X-Spam-Level:
X-Spam-Status: No, score=-6.048 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.548] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id exNofVhwwqIV for <dns-privacy@ietfa.amsl.com>; Fri, 2 Sep 2016 00:47:41 -0700 (PDT)
Received: from mx4.nic.fr (mx4.nic.fr [IPv6:2001:67c:2218:2::4:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 637C112D090 for <dns-privacy@ietf.org>; Fri, 2 Sep 2016 00:47:41 -0700 (PDT)
Received: from mx4.nic.fr (localhost [127.0.0.1]) by mx4.nic.fr (Postfix) with SMTP id 2D5B12806AA for <dns-privacy@ietf.org>; Fri, 2 Sep 2016 09:47:39 +0200 (CEST)
Received: from relay2.nic.fr (relay2.nic.fr [192.134.4.163]) by mx4.nic.fr (Postfix) with ESMTP id 2948D2800ED for <dns-privacy@ietf.org>; Fri, 2 Sep 2016 09:47:39 +0200 (CEST)
Received: from b12.nic.fr (b12.tech.ipv6.nic.fr [IPv6:2001:67c:1348:7::86:133]) by relay2.nic.fr (Postfix) with ESMTP id 2763FB38024 for <dns-privacy@ietf.org>; Fri, 2 Sep 2016 09:47:09 +0200 (CEST)
Received: by b12.nic.fr (Postfix, from userid 1000) id 217C3403C7; Fri, 2 Sep 2016 09:47:09 +0200 (CEST)
Date: Fri, 02 Sep 2016 09:47:09 +0200
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: dns-privacy@ietf.org
Message-ID: <20160902074709.vykgp2v4xg5tvqal@nic.fr>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
X-Operating-System: Debian GNU/Linux stretch/sid
X-Kernel: Linux 4.6.0-1-amd64 x86_64
X-Charlie: Je suis Charlie
Organization: NIC France
X-URL: http://www.nic.fr/
User-Agent: Mutt/1.6.2-neo (2016-07-23)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/hCg4cMuTcMQJZvbWufPDQr_KrE0>
Subject: [dns-privacy] "A Study of Privacy and Anonymity in the DNS"
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Sep 2016 07:47:43 -0000
At the next OARC workshop: https://indico.dns-oarc.net/event/25/session/5/contribution/26 A Study of Privacy and Anonymity in the DNS Speakers Christopher WOOD Primary authors Christopher WOOD (UCI) Co-authors Prof. Gene TSUDIK (UCI) Cesar GHALI (Google) Content The need for a private Domain Name System (DNS) has become increasingly important in recent years. There are several different proposals to address this growing problem, including DNS-over-TLS and DNSCurve. The former enables clients to create ephemeral sessions with either their resolver or authoritative (stub) servers in which queries can be issued. The latter uses per-query encryption to protect queries between clients and servers. Encryption is core mechanism used to enable client privacy in both of these solutions. However, in a recent study, Shulman showed that encryption alone is insufficient to protect the privacy of queries. Information leaked in DNS side channels, such query timing, frequency, and resolution ``chains,'' may reveal the contents of a query. Moreover, by observing the trust properties of DNS servers and their responses, an adversary may also learn the specific record within a domain that was requested. [...]
- [dns-privacy] "A Study of Privacy and Anonymity i… Stephane Bortzmeyer