Re: [dns-privacy] New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt
Mark Andrews <marka@isc.org> Thu, 28 August 2014 02:26 UTC
Return-Path: <marka@isc.org>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 56A671A01F2 for <dns-privacy@ietfa.amsl.com>; Wed, 27 Aug 2014 19:26:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.569
X-Spam-Level:
X-Spam-Status: No, score=-2.569 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.668, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c6VeE5jiO7md for <dns-privacy@ietfa.amsl.com>; Wed, 27 Aug 2014 19:26:08 -0700 (PDT)
Received: from mx.ams1.isc.org (mx.ams1.isc.org [IPv6:2001:500:60::65]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 476621A015F for <dns-privacy@ietf.org>; Wed, 27 Aug 2014 19:26:08 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) by mx.ams1.isc.org (Postfix) with ESMTP id C90B51FCB72; Thu, 28 Aug 2014 02:26:04 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 7F15716006A; Thu, 28 Aug 2014 02:28:42 +0000 (UTC)
Received: from rock.dv.isc.org (c211-30-183-50.carlnfd1.nsw.optusnet.com.au [211.30.183.50]) by zmx1.isc.org (Postfix) with ESMTPSA id 296E316005D; Thu, 28 Aug 2014 02:28:42 +0000 (UTC)
Received: from rock.dv.isc.org (localhost [IPv6:::1]) by rock.dv.isc.org (Postfix) with ESMTP id E63EE1DA773E; Thu, 28 Aug 2014 12:26:01 +1000 (EST)
To: Wes Hardaker <wjhns1@hardakers.net>
From: Mark Andrews <marka@isc.org>
References: <20140818175701.12317.96810.idtracker@ietfa.amsl.com> <FF99C324-2959-48EB-A187-18007F7AA364@vpnc.org> <814D0BFB77D95844A01CA29B44CBF8A7A27F3E@lhreml513-mbb.china.huawei.com> <alpine.LFD.2.10.1408191033210.19423@bofh.nohats.ca> <814D0BFB77D95844A01CA29B44CBF8A7A27FBE@lhreml513-mbb.china.huawei.com> <alpine.LFD.2.10.1408191159190.19423@bofh.nohats.ca> <814D0BFB77D95844A01CA29B44CBF8A7A280CF@lhreml513-mbb.china.huawei.com> <86mwb0e5pd.fsf@strotmann.de> <0l61hdogv2.fsf@wjh.hardakers.net>
In-reply-to: Your message of "Wed, 27 Aug 2014 12:46:41 -0700." <0l61hdogv2.fsf@wjh.hardakers.net>
Date: Thu, 28 Aug 2014 12:26:01 +1000
Message-Id: <20140828022601.E63EE1DA773E@rock.dv.isc.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/dns-privacy/o0w6SlGTxmj8cC5ZsgauVjvsmxc
Cc: Carsten Strotmann <cas@strotmann.de>, Hosnieh Rafiee <hosnieh.rafiee@huawei.com>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, Paul Wouters <paul@nohats.ca>
Subject: Re: [dns-privacy] New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Aug 2014 02:26:10 -0000
In message <0l61hdogv2.fsf@wjh.hardakers.net>, Wes Hardaker writes: > Carsten Strotmann <cas@strotmann.de> writes: > > >> Ok then I am an attacker, since you cannot authenticate me, I sign the > >> data myself. This has data integrity. But it is the modified data and > >> not what you expected to receive... > > > > How can you sign DNSSEC data without being in the posession of the > > private signing key(s) all the way to the root? > > > > DNSSEC adds data integrity, and with one or more trust-anchors in the > > resolver the client is able to validate the data, no matter which way > > the data took. > > So, there is some confusion here I think so we need to be clear about a > few things. We're talking about privacy, and in this context > stub-to-resolver entirely. There are two forms of > integrity/authentication going on and they need to be clearly separated > but I keep seeing them being thrown together. > > DNSSEC absolutely helps you ensure that the end data you got is "good" > from the notion of the publisher. > > But it doesn't help you to identify the public key of the resolver > you're using to query for those results. So it doesn't help you ensure > you're encrypting your packets to the right destination. And DNSSEC may > ensure you have the right data, but it doesn't help you determine if you > really did get it in a way that no one else but you, the coffee shop > owner, and the final destination could see. And this is the important > bit: in the context of the discussion, we are only talking about > verifying the public key of the resolver in order to implement privacy; > Clearly DNSSEC has solved authenticating the data itself and that's not > in question. I think most people understand this difference (I hope). Actually DNSSEC could give you the key of the resolver securely provided it has a public address. Publish a KEY record signed in the DNS under in-addr.arpa or ip6.arpa. If need to we define flag bits to say it is for this purpose. For private addresses you need to have a trust anchor for the private part of the reverse tree or use leap of faith. This also works for any authoritative server. Alternatively we could allocate a new type to hold the key material. You can't hide that you are talking to a resolver so there is no need to encrypt the lookups for the KEY, DNSKEY, DS lookups required to validate the KEY. > But here's the thing that is keeping me awake at nights in this topic: > we keep saying that "un-authenticated encryption is better than no > encryption". And I do generally think this is true. At least you're > only transmitting your data to one potentially bad person (the one > you've done a key negotiation with) rather than letting anyone with 100 > feet view the data. > > But then, stepping back, you have to ask yourself: what's the likely > threat model of everyone in 100 feet trying to attack you? If we really > are worried about protecting people at starbucks, what's the likelyhood > of 2 people in starbucks trying to sniff your private dns lookups at the > same time? Probably super-duper low. So, are we really protecting you > at all if the one bad person in the coffee shop is able to convince you > it's the local resolver? IE, if we blindly assume that whatever key we > get is ok then we're buying ourselves very minimal protection against > the few opponents within spitting distance of a wireless box. Likely > there will be just one, and it'll likely succeed in defeating your > encryption. > > Now, in larger venues where are there are potentially lots and lots of > people that are targeting an environment for sniffing, say at an IETF > convention where we're very good at overwhelming infrastructure, then > the likelyhood of having multiple malicious eves goes way up and maybe > we've achieved a bit of protection by transmitting our dns request data > to just one advocacy instead of them all. > > > But what's the solution? How do we authenticate that resolver? PKIX > won't help us, as there is no name. DNSSEC won't help us, as half the > time you're behind a nat so the reverse tree can't be used [ipv6 > actually might help here]. Leap of faith is probably better than > nothing if you frequent that coffee shop. I don't think secure dhcp has > gotten that far, but I'm admittedly out of touch. > > We simply keep moving this chicken/egg problem of secure bootstrapping > from one protocol to the next. It's like one egg that keeps changing > chickens. > > -- > Wes Hardaker > Parsons > > _______________________________________________ > dns-privacy mailing list > dns-privacy@ietf.org > https://www.ietf.org/mailman/listinfo/dns-privacy -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- [dns-privacy] New draft on encrypting the stub-to… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Joe Abley
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Carsten Strotmann
- Re: [dns-privacy] New draft on encrypting the stu… 神明達哉
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Carsten Strotmann
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Stephane Bortzmeyer
- Re: [dns-privacy] New draft on encrypting the stu… 神明達哉
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Jacob Appelbaum
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Paul Wouters
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- [dns-privacy] draft-hoffman-dns-tls-stub-01 posted Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… David Ulevitch
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Wes Hardaker
- [dns-privacy] Authenticating the resolver Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Mark Andrews
- Re: [dns-privacy] New draft on encrypting the stu… Wes Hardaker
- Re: [dns-privacy] Authenticating the resolver Wes Hardaker
- Re: [dns-privacy] Authenticating the resolver Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… John Heidemann
- Re: [dns-privacy] New draft on encrypting the stu… Phillip Hallam-Baker