IETF Logo Mail Archive

Re: [dns-privacy] Stephen Farrell's Discuss on draft-ietf-dprive-dns-over-tls-07: (with DISCUSS and COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 09 March 2016 21:17 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 878A312DA16; Wed, 9 Mar 2016 13:17:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.302
X-Spam-Level:
X-Spam-Status: No, score=-4.302 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eQ5lst3UjEyd; Wed, 9 Mar 2016 13:17:25 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2FF5612DA14; Wed, 9 Mar 2016 13:17:25 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 33BD2BE5B; Wed, 9 Mar 2016 21:17:23 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iTkAFNBf_cWe; Wed, 9 Mar 2016 21:17:21 +0000 (GMT)
Received: from [10.87.49.100] (unknown [86.46.19.12]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id B0202BE54; Wed, 9 Mar 2016 21:17:20 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1457558241; bh=z6bNXi652iN+OfqP5p3EWkQX1iOFHaV3B70WY8OGp0s=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=J4BrwMpk1amJK66VJ5ym2ljeVKcAbf40Q/kpKCTSI7eOFBHPSjBiSZFHr2eXxwhWZ v5TJXZ1thIf7Mprxu518c9e/alRPwhuXuCcXazaiVpV1GLYyeOe8mEVDcZFQxPq11O TzPXKOmSOHoT7/I0uaIVvYBT8bHoJ9MQXMQIVvWg=
To: "Wessels, Duane" <dwessels@verisign.com>
References: <20160309141923.27481.29744.idtracker@ietfa.amsl.com> <B870977A-D693-491E-B0FF-B97120C98CD8@verisign.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56E092D9.6070703@cs.tcd.ie>
Date: Wed, 09 Mar 2016 21:17:13 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <B870977A-D693-491E-B0FF-B97120C98CD8@verisign.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms030908050508070703070400"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/mWAaF-fYv3Al_BwU0qfMq5aIjIs>
Cc: Allison Mankin <allison.mankin@gmail.com>, "draft-ietf-dprive-dns-over-tls@ietf.org" <draft-ietf-dprive-dns-over-tls@ietf.org>, Sara Dickinson <sara@sinodun.com>, The IESG <iesg@ietf.org>, "dprive-chairs@ietf.org" <dprive-chairs@ietf.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Subject: Re: [dns-privacy] Stephen Farrell's Discuss on draft-ietf-dprive-dns-over-tls-07: (with DISCUSS and COMMENT)
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Mar 2016 21:17:28 -0000


On 09/03/16 18:43, Wessels, Duane wrote:
> 
>> On Mar 9, 2016, at 6:19 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>>
>>
> 
> Starting with the easy ones...

Sure they're all easy:-)

All of the stuff below is fine except as noted...

>>
>> - abstract: rfc-ed prefers s/[RFC7258]/(RFC7258)/ in abstracts
> 
> Okay, fixed.
> 
>>
>> - abstract: would RFC7626 be a better thing to point at from here
>> instead of RFC7258?
> 
> Yes I think thats a good change.
> 
> 
>>
>> - intro: maybe "recently adopted" is no longer true, consider
>> rephrasing?
> 
> s/recently/also/
> 
> 
>>
>> - intro: Might be better to refer to RFC7525 as BCP195, so that you
>> don't need to say "or its successors." Same thing in 3.2.
> 
> Ack, done.
> 
>>
>> - 3.1: "purely for encrypted communications" is good - but do we
>> need to say anything about NULL ciphersuites? RFC7525 says you MUST
>> NOT negotiate those, so it's probably ok, unless you want to
>> re-enforce that here.
> 
> My opinion is that we're covered by RFC7525/BCP195, which is referenced
> in the next section under Handshake and Authentication.  If we specifically
> mention NULL encryption, then wouldn't we also need to mention RC4, "not
> less than 112 bits" and any other requirements from RFC7525?
> 
> 
>>
>> - 3.2: "make use of trusted a SPKI Fingerprint pinset" needs to be
>> rephrased.
> 
> Do you say that because SPKI is not spelled out at this point, or
> something else?  We've since expanded SPKI here.

No "trusted a SPKI" seems like Yoda-speak is all:-)

> 
>>
>> - 3.4, 2nd last para: this recommends using tickets (RFC5077), which
>> is fine. RFC7525 (section 3.4) suggests changing tickets at least
>> weekly. Is that suggestion also good here or would it be better to
>> recommend (or suggest) some other ticket lifetime? I'd guess 
>> it's fine but maybe you know better?
> 
> Ticket lifetime hasn't come up before, so I would assume the RFC7525
> recommendation is fine.
> 
> 
>>
>> - 4.1, RFC 7435 is about "opportunistic security" and not about
>> "opportunistic encryption." That followed a long terminology debate,
>> so you might want to s/encryption/security/ there. (But I don't care
>> personally:-)
> 
> I've changed it to opportunistic encryption.

It was that before, though. Maybe you did s/encryption/security/
which'd be fine.

> 
>>
>> - 4.1, last para: OS never provides "guaranteed" privacy. I think
>> what you mean is that while you're always vulnerable to an on-path
>> attacker, if there is no such attacker then you do get privacy (to
>> the recursive) albeit with no guarantee. I think that's subtly
>> different from what's stated.
> 
> Okay if we just change "provides guaranteed privacy" to "provides privacy" ?
> 
> 
>>
>> - 4.2, "The user MUST be alerted" needs a qualification - what if
>> it's my calendar running in the background? I'd prepend a "Where
>> possible,... " at least.
> 
> Agreed.  I've inserted "whenever possible"
> 
>>
>> - Section 7: I'm not clear from the note if you do or don't want
>> this text in the RFC. I'd suggest keeping it. (Except the note.)
> 
> Agreed.  I've removed "prior to publication" from the note.
> 
>>
>> - Section 9, point 4: I think it'd be fair to note that naive
>> padding schemes may not work as well as planned against traffic
>> analysis, and to say that implementations that allow for flexibility
>> there might be good so that we can experiment with ways of
>> mitigating traffic analysis.
> 
> How does this look to you?
> 
>        Since
>        padding of DNS messages is new, implementations might need to
>        support multiple types of padding or other mitigation techniques
>        in response to traffic analysis threats.

I'd suggest instead:

"Since traffic analysis can be based on many kinds of pattern
and many kinds of classifier, simple padding schemes may not
by themselves be sufficient to mitigate the attack. Padding
will however form a part of more complex mitigations for the
traffic analysis attack that are likely to be developed over
time. Implementers who can offer flexibility in terms of how
padding can be used may be in a better position to enable such
mitigations to be deployed in future."

>> - Section 10: This contradicts the front page which has 6 names
>> listed.
>>
> 
> contradiction removed.

Heh - nicely ambiguous:-)

Cheers again,
S.

> 
> DW
> 
> _______________________________________________
> dns-privacy mailing list
> dns-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/dns-privacy
>

v2.23.0 | Report a Bug | By Email