Re: [dns-privacy] Intermediate proposal (what I was saying at the mic)
Eric Rescorla <ekr@rtfm.com> Thu, 29 July 2021 20:23 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AFFC3A0920 for <dns-privacy@ietfa.amsl.com>; Thu, 29 Jul 2021 13:23:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bpB1hNYtfZY8 for <dns-privacy@ietfa.amsl.com>; Thu, 29 Jul 2021 13:23:47 -0700 (PDT)
Received: from mail-il1-x136.google.com (mail-il1-x136.google.com [IPv6:2607:f8b0:4864:20::136]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 929F93A091E for <dprive@ietf.org>; Thu, 29 Jul 2021 13:23:47 -0700 (PDT)
Received: by mail-il1-x136.google.com with SMTP id a14so7196567ila.1 for <dprive@ietf.org>; Thu, 29 Jul 2021 13:23:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ZjpkkwdshDYUTT+itl++9pYKMEw+FrjHfZKv7wThpAo=; b=n+ynHtOap4fgG7zd8VljJhFQChCviXWzXtVmoXiIWly9du6MyBQuQmKXiodFurZoCO 4Y1S46VnoAMf5a8zqvEwMPd48tCifuBRJvOUikbcXFLH8vixuR2xi4ELmQocNKNuUnSI +bv8P48nClfKxNQYf9Peua84+bFCK4rCZNIlW6CgUMLzuh1YWporeqx8WZvAaLoN67sh +vKngTmAobMlT02Rkn3oe8JB9DYYpxWF/fV5r6i4bQJdEZExcXL2aeDPQ7PQtX9T7VPW OwTzoMp09yUHk2HtxcvV2GIWv1j2PwvMWTB8p+ZWbwZlsMtDyVRvwjZfKGxmXuSO8WXp i50g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ZjpkkwdshDYUTT+itl++9pYKMEw+FrjHfZKv7wThpAo=; b=W+0xkdLcP2Wbpwdtk4JFespZdxsjHEmxR+QSC4Z9XKbaN8aXjbgUfsT8VvxSwnQPD8 b5xTAaBVVL8RERlyDZlyWgjo1HGj0/M93EoCbCU3aMQUK4B5edYlBPK5Fy8OdxBZm0ZY 7lk1mP1o3S7J/nIeIGs4aGTszZC/jA6U1ymZA1pHVuzP4aCKBAKHv/eSXZ8m9VWVZcq6 aX3nu5nqKRfwfYUsCLBqg7mv7/KGOY8u+qnsk0zNGEOPNxxYFrVZdCwGKAzUwaDd/ixN 2XuHEXRrYcoLzzk10OWWtbWEK9sD7tIMbXUfRlFkyFZtm4KOpCAAGjJhQZPFpwUR7O/o /9SQ==
X-Gm-Message-State: AOAM530tmd7UZc4DRu6Dehqu+hcxsCV9Vug7INYp9S6ryIvrYrtbcmpf o0cfaka8yBQiqol9kUkHTUDVzVm0tl2g6nhlWtgKwhxBtjz1YQ==
X-Google-Smtp-Source: ABdhPJxa7NY/dL+brLQnMoUeT9kmuJt8usoQTrWwKb4IB2wh9x9E9QlyJUVR7TW2xTp/KNfCGuPPzTz6DJ23pSCMIGs=
X-Received: by 2002:a92:d848:: with SMTP id h8mr4954147ilq.282.1627590225985; Thu, 29 Jul 2021 13:23:45 -0700 (PDT)
MIME-Version: 1.0
References: <CABcZeBNRZsyjd-M_hKOwxdqY=Y7oZs5-d4waqPHb9gO-GJNV+Q@mail.gmail.com> <bab022b2-7c3c-a5e-5a68-deb3d2dbcea6@nohats.ca>
In-Reply-To: <bab022b2-7c3c-a5e-5a68-deb3d2dbcea6@nohats.ca>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 29 Jul 2021 13:23:09 -0700
Message-ID: <CABcZeBPDf6Buha+54S29np3Su=_wUq6Av-oaiWWduRkTAZLNLw@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Cc: dprive@ietf.org
Content-Type: multipart/alternative; boundary="000000000000429b3005c848e143"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/njbvzpyddf3-3wcS1k2cP9MpWz0>
Subject: Re: [dns-privacy] Intermediate proposal (what I was saying at the mic)
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jul 2021 20:23:52 -0000
On Thu, Jul 29, 2021 at 1:19 PM Paul Wouters <paul@nohats.ca> wrote: > On Thu, 29 Jul 2021, Eric Rescorla wrote: > > > - Recursives can attempt to connect to any authoritative by probing > > with DoT/DoQ [0]. In this case, they should cleanly fall back to > > Do53 on connect failure and not validate the credential (whether > > WebPKI or DANE) This allows authoritatives to just turn on TLS > > without risk. > > I agree. > > And importantly, they can turn on _credentialed_ TLS without risk. If > you would allow to continue "unauthenticated", then the DNS operator still > has a future hard decision to make when to insist on authenticated. They > again have to make a risky decision. The fact that "unauthenticated" > works as standalone or fallback is no guarantee whatsoever that adding > credentials to that setup won't cause complete failure. > > > - The SVCB record is used to signal that the authoritative expects to > > do TLS and indicates the type of credential (WebPKI, DANE, etc.) > > that the authoritative intends to present. The recursive should > > insist on TLS in this case and hard fail if it cannot negotiate. > > Yes, I tried to do exactly this with TLSA records <grumbles about history> > And this is what TLSA for SMTP actually does. > > > > If there is an overlap between the credentials the recursive > > supports and the ones the authoritative advertises, then the > > recursive should validate the credential and fail if it cannot. If > > there is no overlap, it should not validate the credential. > > If there is no overlap, why even try the transport? Just do port 53. > The usual 7258 reasons, namely that forcing an active attack is good. Don't give the user/OS a false sense of privacy if you can't even detect > a MITM. > Can you expand on how someone is getting a false sense of security here? I mean, we're talking about the recursive, right? So generally, the client won't know what's happening at all. > > - (Optional) We should invent some way for the server to say in > > SVCB that it doesn't have any valid credential (e.g., a reserved > > credential type). This would be a signal you wanted unauthenticated. > > Now you are advertising which DNS servers can easilly be MITMed. An > attacker can live query the DNS to see if it should commence attacking. > How is this different from seeing who supports TLS but has an invalid cert? Anyway, I'm not going to fight about this piece. -Ekr > Paul >
- [dns-privacy] Intermediate proposal (what I was s… Eric Rescorla
- Re: [dns-privacy] Intermediate proposal (what I w… Paul Wouters
- Re: [dns-privacy] Intermediate proposal (what I w… Eric Rescorla
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Paul Hoffman
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Robert Evans
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Paul Hoffman
- Re: [dns-privacy] Intermediate proposal (what I w… Martin Thomson
- Re: [dns-privacy] Intermediate proposal (what I w… Christian Huitema
- Re: [dns-privacy] Intermediate proposal (what I w… Eric Rescorla
- [dns-privacy] ADoX experiments (was: Re: Intermed… Stephen Farrell
- Re: [dns-privacy] Intermediate proposal (what I w… Ben Schwartz
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Paul Hoffman
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Ben Schwartz
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Paul Hoffman
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Ben Schwartz
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… libor.peltan
- Re: [dns-privacy] [Ext] Intermediate proposal (wh… Brian Dickson
- Re: [dns-privacy] ADoX experiments (was: Re: Inte… Brian Haberman
- Re: [dns-privacy] ADoX experiments (was: Re: Inte… Stephen Farrell
- [dns-privacy] scope of authoritative signalling [… Daniel Kahn Gillmor
- Re: [dns-privacy] scope of authoritative signalli… Brian Dickson
- Re: [dns-privacy] scope of authoritative signalli… Peter van Dijk
- Re: [dns-privacy] ADoX experiments (was: Re: Inte… Brian Haberman
- Re: [dns-privacy] ADoX experiments (was: Re: Inte… Bill Woodcock
- Re: [dns-privacy] ADoX experiments (was: Re: Inte… Bill Woodcock
- Re: [dns-privacy] ADoX experiments (was: Re: Inte… Christian Huitema
- Re: [dns-privacy] ADoX experiments (was: Re: Inte… Bill Woodcock