Re: [dns-privacy] New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt
John Heidemann <johnh@isi.edu> Sat, 30 August 2014 04:58 UTC
Return-Path: <johnh@isi.edu>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F0431A8748 for <dns-privacy@ietfa.amsl.com>; Fri, 29 Aug 2014 21:58:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.468
X-Spam-Level:
X-Spam-Status: No, score=-3.468 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.668] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id emknYF7KYu2Q for <dns-privacy@ietfa.amsl.com>; Fri, 29 Aug 2014 21:58:45 -0700 (PDT)
Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 222A81A8747 for <dns-privacy@ietf.org>; Fri, 29 Aug 2014 21:58:44 -0700 (PDT)
Received: from dash.isi.edu (vir.isi.edu [128.9.160.91]) by boreas.isi.edu (8.13.8/8.13.8) with ESMTP id s7U4utXi013870; Fri, 29 Aug 2014 21:56:55 -0700 (PDT)
Received: from dash.isi.edu (localhost.isi.edu [127.0.0.1]) by dash.isi.edu (Postfix) with ESMTP id 50BFEE0162; Fri, 29 Aug 2014 21:56:55 -0700 (PDT)
From: John Heidemann <johnh@isi.edu>
To: Wes Hardaker <wjhns1@hardakers.net>
In-reply-to: <0l61hdogv2.fsf@wjh.hardakers.net>
References: <20140818175701.12317.96810.idtracker@ietfa.amsl.com> <FF99C324-2959-48EB-A187-18007F7AA364@vpnc.org> <814D0BFB77D95844A01CA29B44CBF8A7A27F3E@lhreml513-mbb.china.huawei.com> <alpine.LFD.2.10.1408191033210.19423@bofh.nohats.ca> <814D0BFB77D95844A01CA29B44CBF8A7A27FBE@lhreml513-mbb.china.huawei.com> <alpine.LFD.2.10.1408191159190.19423@bofh.nohats.ca> <814D0BFB77D95844A01CA29B44CBF8A7A280CF@lhreml513-mbb.china.huawei.com> <86mwb0e5pd.fsf@strotmann.de> <0l61hdogv2.fsf@wjh.hardakers.net>
X-url: http://www.isi.edu/~johnh/
MIME-Version: 1.0 (generated by SEMI 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
Date: Fri, 29 Aug 2014 21:56:55 -0700
Message-ID: <16946.1409374615@dash.isi.edu>
X-ISI-4-43-8-MailScanner: Found to be clean
X-MailScanner-From: johnh@isi.edu
Archived-At: http://mailarchive.ietf.org/arch/msg/dns-privacy/qDBKhKsjkdP0lyvZQSIw5wT9rC8
Cc: Carsten Strotmann <cas@strotmann.de>, Hosnieh Rafiee <hosnieh.rafiee@huawei.com>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, Paul Wouters <paul@nohats.ca>
Subject: Re: [dns-privacy] New draft on encrypting the stub-to-resolver link: draft-hoffman-dns-tls-stub-00.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Aug 2014 04:58:49 -0000
On Wed, 27 Aug 2014 12:46:41 -0700, Wes Hardaker wrote: >Carsten Strotmann <cas@strotmann.de> writes: > >>> Ok then I am an attacker, since you cannot authenticate me, I sign the >>> data myself. This has data integrity. But it is the modified data and >>> not what you expected to receive... >> >> How can you sign DNSSEC data without being in the posession of the >> private signing key(s) all the way to the root? >> >> DNSSEC adds data integrity, and with one or more trust-anchors in the >> resolver the client is able to validate the data, no matter which way >> the data took. > >So, there is some confusion here I think so we need to be clear about a >few things. We're talking about privacy, and in this context >stub-to-resolver entirely. There are two forms of >integrity/authentication going on and they need to be clearly separated >but I keep seeing them being thrown together. > >DNSSEC absolutely helps you ensure that the end data you got is "good" >from the notion of the publisher. > >But it doesn't help you to identify the public key of the resolver >you're using to query for those results. So it doesn't help you ensure >you're encrypting your packets to the right destination. And DNSSEC may >ensure you have the right data, but it doesn't help you determine if you >really did get it in a way that no one else but you, the coffee shop >owner, and the final destination could see. And this is the important >bit: in the context of the discussion, we are only talking about >verifying the public key of the resolver in order to implement privacy; >Clearly DNSSEC has solved authenticating the data itself and that's not >in question. I think most people understand this difference (I hope). > > >But here's the thing that is keeping me awake at nights in this topic: >we keep saying that "un-authenticated encryption is better than no >encryption". And I do generally think this is true. At least you're >only transmitting your data to one potentially bad person (the one >you've done a key negotiation with) rather than letting anyone with 100 >feet view the data. > >But then, stepping back, you have to ask yourself: what's the likely >threat model of everyone in 100 feet trying to attack you? If we really >... > >But what's the solution? How do we authenticate that resolver? PKIX >won't help us, as there is no name. DNSSEC won't help us, as half the >time you're behind a nat so the reverse tree can't be used [ipv6 >actually might help here]. Leap of faith is probably better than >nothing if you frequent that coffee shop. I don't think secure dhcp has >gotten that far, but I'm admittedly out of touch. > >We simply keep moving this chicken/egg problem of secure bootstrapping >from one protocol to the next. It's like one egg that keeps changing >chickens. I want to take a step back to consider a different case. The complaint here is that it is tough to authenticate some arbitrary resolver handed to you from DHCP because of person-in-the-middle. Yes, that's a hard problem. "Doctor, it hurts when I do this." "Don't *do* that." If you aren't willing to trust a resolver from DHCP, one could use a public DNS resolver, acquire its certificate out-of-band, and check it. I.e., do certificate pinning on the TLS certificate you plan to use for DNS. I'm told there are IP addresses of a public resolver spraypainted on walls in Turkey you could try. (If that or some other provider supported TLS for DNS.) -John
- [dns-privacy] New draft on encrypting the stub-to… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Joe Abley
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Carsten Strotmann
- Re: [dns-privacy] New draft on encrypting the stu… 神明達哉
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Wouters
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Carsten Strotmann
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Stephane Bortzmeyer
- Re: [dns-privacy] New draft on encrypting the stu… 神明達哉
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Jacob Appelbaum
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Paul Wouters
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Jacob Appelbaum
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Paul Hoffman
- [dns-privacy] draft-hoffman-dns-tls-stub-01 posted Paul Hoffman
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… David Ulevitch
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Andrew Sullivan
- Re: [dns-privacy] [SPAM] Re: New draft on encrypt… Hosnieh Rafiee
- Re: [dns-privacy] New draft on encrypting the stu… Wes Hardaker
- [dns-privacy] Authenticating the resolver Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… Mark Andrews
- Re: [dns-privacy] New draft on encrypting the stu… Wes Hardaker
- Re: [dns-privacy] Authenticating the resolver Wes Hardaker
- Re: [dns-privacy] Authenticating the resolver Paul Hoffman
- Re: [dns-privacy] New draft on encrypting the stu… John Heidemann
- Re: [dns-privacy] New draft on encrypting the stu… Phillip Hallam-Baker