Re: [dns-privacy] Early port allocation request for dns-over-TLS
Colm MacCárthaigh <colm@allcosts.net> Tue, 11 August 2015 17:41 UTC
Return-Path: <colm@allcosts.net>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAB521ACE22 for <dns-privacy@ietfa.amsl.com>; Tue, 11 Aug 2015 10:41:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.677
X-Spam-Level:
X-Spam-Status: No, score=-1.677 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VKo2h7AEcbii for <dns-privacy@ietfa.amsl.com>; Tue, 11 Aug 2015 10:41:42 -0700 (PDT)
Received: from mail-ob0-f180.google.com (mail-ob0-f180.google.com [209.85.214.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E1931A21B2 for <dns-privacy@ietf.org>; Tue, 11 Aug 2015 10:41:42 -0700 (PDT)
Received: by obbfr1 with SMTP id fr1so117079838obb.1 for <dns-privacy@ietf.org>; Tue, 11 Aug 2015 10:41:41 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=Y9BfRpnBD+ZrdDjThwQE/yUnJxdDRiTzb1A/XrcpI1w=; b=hJOM4vO1xTF4ffMdECaj9ke/m6lTKFXQHLQeZWwTiCZROS+oPu+u1Ud4mvcXFzx4pS W6CzJHOb3vXZVFSKEgRuP+lk24BzjSRprYL9Sdt9bESiROB2WHk10ynW2GwVPhbL7097 FmCCYbeTnlsODe1zm4qgfWquh6CysoUzLv5RNAtR4KecoVFUbwTDBKBSzWMSLjcG8yuk rv6PMJSHSk7LfVZQxAJGZMv3MJ4QAyl16DNWBs3xK8TbHSrFegneL0bebotx5h24SYGG 2SllqmsUswRnDzcFqD3wIDyRbvHT6jsw7uesTpg0zbnwnXJ/3Ufyro1jXf95ImYQoQW4 X2/A==
X-Gm-Message-State: ALoCoQn7xukfFfsbvxdtzlxrcyPfVzdSxAH0yJcZkk7uDPiI9ueg8RYTj45KLplpnYJ0t7y/8G/i
MIME-Version: 1.0
X-Received: by 10.60.144.196 with SMTP id so4mr8706019oeb.66.1439314901554; Tue, 11 Aug 2015 10:41:41 -0700 (PDT)
Received: by 10.76.166.225 with HTTP; Tue, 11 Aug 2015 10:41:41 -0700 (PDT)
In-Reply-To: <5C507EBB-574D-4815-A3C8-6555C683D46D@vpnc.org>
References: <CAHw9_iJ8QPyHqg2emJm4RfSnsiUcHFY7tGS3K9nL5HJYTyww_Q@mail.gmail.com> <CAAF6GDe0M_HE0bgATaF992VoQeF4j4xFmpLCqdFuFzEfuq8CEA@mail.gmail.com> <5C507EBB-574D-4815-A3C8-6555C683D46D@vpnc.org>
Date: Tue, 11 Aug 2015 10:41:41 -0700
Message-ID: <CAAF6GDeZScX6T4xUMFM9c6uzG28CodAtaw6iW=udXn89jaK8jw@mail.gmail.com>
From: Colm MacCárthaigh <colm@allcosts.net>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: multipart/alternative; boundary="047d7b4143ee6d782a051d0c9d81"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/qcXuXZh0ec_0HmVkp8HYEGSIgig>
Cc: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Subject: Re: [dns-privacy] Early port allocation request for dns-over-TLS
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Aug 2015 17:41:43 -0000
Thanks for the references. I haven't been keeping up with this WG, so apologies for coming to them both anew. I don't have any violent feedback, but I'd be disappointed to see a system port allocated for these proposals right now. System ports are scarce and precious and it would be better to be responsible and to have some real-world deployments and traction before allocating one. I have a now-defunct non-system UDP and TCP port (4166) assigned to me, which people are welcome to re-use for experimentation. (I've never figured out how to return that port, maybe this is an out). Some of my reasoning: * The documents describe using a dedicated port and re-using port 53. If re-using port 53 turns out to be more popular, the dedicated port seems like a waste. * I wonder if the goals of DNS privacy are actually enhanced by encouraging as much "overloading" of port 53 as possible. By having different traffic types share that port, it may discourage or penalize, fingerprinting more generally. * I've implemented TLS and DNS a few times each, and without meaning to be inflammatory; they don't seem like a good match for each other to me. I'm pretty skeptical about adoption. * That aside, both documents are poorly specified. Why the note about disabling compression, but no consideration of regular size-based side-channel leaks? why is one kind of compression ok, but not the other? how should TLS authentication be handled? is it intended to use PKI? or PSK or some alternative? if it's PKI, how are the circular dependencies on DNS resolved? what happens when a query crosses the boundary between two or more TLS sessions and auth contexts? for the SPKI scheme, what happens when you need to change the signature format or algorithm? for the DTLS cases - how do you reason about replay attacks and DNS server behavior; for example, if I as a MITM replay a DTLS DNS query can I observe the rotation of a multi-RR RRSET to derive what the q-tuple was? I probably can, right? Which seems like a privacy leak. The docs say that a single DTLS session can be used for multiple queries, do we rely purely on queryid + q-tuple to disambiguate them or do we also look at the DTLS record numbers? are there MITM attacks where the extremely small query-id space can be abused to derive the plaintext? e.g. if I replay responses from elsewhere in the stream, with 2^16 responses then I can produce arbitrary matches - could that leak data or allow me to poison caches? should there therefore be a limit on the number of responses per PRF stream? can an attacker do interesting things if they can engineer a DNS response to be split across DTLS records at interesting boundaries? On Mon, Aug 10, 2015 at 5:32 PM, Paul Hoffman <paul.hoffman@vpnc.org> wrote: > On 10 Aug 2015, at 16:35, Colm MacCárthaigh wrote: > > > Quick question: What document is "the document"? > > Two: draft-ietf-dprive-dnsodtls and draft-ietf-dprive-start-tls-for-dns. > > --Paul Hoffman > -- Colm
- [dns-privacy] Early port allocation request for d… Warren Kumari
- Re: [dns-privacy] Early port allocation request f… Stephane Bortzmeyer
- Re: [dns-privacy] Early port allocation request f… Warren Kumari
- Re: [dns-privacy] Early port allocation request f… Colm MacCárthaigh
- Re: [dns-privacy] Early port allocation request f… Paul Hoffman
- Re: [dns-privacy] Early port allocation request f… Colm MacCárthaigh
- Re: [dns-privacy] Early port allocation request f… Joe Touch
- Re: [dns-privacy] Early port allocation request f… Joe Touch
- Re: [dns-privacy] Early port allocation request f… Joe Touch
- Re: [dns-privacy] Early port allocation request f… Paul Wouters
- Re: [dns-privacy] Early port allocation request f… Joe Touch
- Re: [dns-privacy] Early port allocation request f… Warren Kumari
- Re: [dns-privacy] Early port allocation request f… Wessels, Duane
- Re: [dns-privacy] Early port allocation request f… Mark Andrews
- Re: [dns-privacy] Early port allocation request f… Joe Touch
- Re: [dns-privacy] Early port allocation request f… Mankin, Allison