Re: [dns-privacy] Scope of Privacy considerations

Robert Edmonds <edmonds@mycre.ws> Mon, 28 November 2016 20:18 UTC

Return-Path: <edmonds@mycre.ws>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A136112951B for <dns-privacy@ietfa.amsl.com>; Mon, 28 Nov 2016 12:18:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.399
X-Spam-Level:
X-Spam-Status: No, score=-3.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ysn2m7osaAHH for <dns-privacy@ietfa.amsl.com>; Mon, 28 Nov 2016 12:18:33 -0800 (PST)
Received: from mycre.ws (mycre.ws [45.33.102.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDE771293FB for <dns-privacy@ietf.org>; Mon, 28 Nov 2016 12:18:33 -0800 (PST)
Received: by chase.mycre.ws (Postfix, from userid 1000) id 068E712C0EDB; Mon, 28 Nov 2016 15:18:33 -0500 (EST)
Date: Mon, 28 Nov 2016 15:18:33 -0500
From: Robert Edmonds <edmonds@mycre.ws>
To: dns-privacy@ietf.org
Message-ID: <20161128201833.kskgkrvdqflis73m@mycre.ws>
References: <CAAdbxrrft9MUSPzYWSZozxDQVaz-kydoczxD56uEP97Fd0EcEg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <CAAdbxrrft9MUSPzYWSZozxDQVaz-kydoczxD56uEP97Fd0EcEg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/mNabyz5LSeBNvju8F4ssfTAt6Zc>
Subject: Re: [dns-privacy] Scope of Privacy considerations
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Nov 2016 20:18:34 -0000

Tariq Saraj wrote:
> The recursive resolver always resolves query on behalf of stub-resolver,
> thus I am still worried that why the scope of confidentiality for DNS
> messages is still a subject of interest.

In-server threats to privacy are explicitly described in the DNS Privacy
Considerations document (RFC 7626 ยง2.5), and the existence of in-server
threats are not a reason to fail to address on-the-wire threats. The
DPRIVE WG is chartered to address both on-the-wire and in-server
threats:

    The primary focus of this Working Group is to develop mechanisms
    that provide confidentiality between DNS Clients and Iterative
    Resolvers, but it may also later consider mechanisms that provide
    confidentiality between Iterative Resolvers and Authoritative
    Servers, or provide end-to-end confidentiality of DNS transactions.

> As, privacy is mostly an individual specific issue, and the term Personally
> Identifiable Information (PII) is very specific, yet the scope is a subject
> of matter.

The lack of privacy in the DNS protocol is not an individual-specific
issue. It enables the "widespread attack" of "pervasive monitoring",
which the IETF has committed to mitigating (RFC 7258). This is a much
broader issue than the existence or disclosure of personally
identifiable data.

-- 
Robert Edmonds