Re: [dns-privacy] I-D Action: draft-ietf-dprive-start-tls-for-dns-01.txt

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Wed, 15 July 2015 17:06 UTC

Date: Wed, 15 Jul 2015 20:06:31 +0300
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Shumon Huque <shuque@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/r5iyIe1scHImt8vrLm3Pdd2FyB0>
Cc: "dns-privacy@ietf.org" <dns-privacy@ietf.org>, "Wessels, Duane" <dwessels@verisign.com>

On Wed, Jul 15, 2015 at 12:53:46PM -0400, Shumon Huque wrote:
> On Wed, Jul 15, 2015 at 12:01 PM, Ilari Liusvaara <ilari.liusvaara@elisanet.fi> wrote:
> 
> > On Wed, Jul 15, 2015 at 11:36:04AM -0400, Shumon Huque wrote:
> > > On Tue, Jul 14, 2015 at 5:43 AM, Ilari Liusvaara <ilari.liusvaara@elisanet.fi> wrote:
> >
> > The various security issues include POODLE TLS against some endpoints,
> > LUCKY13 (various endpoints try to mitigate, but maybe not fully),
> > length-recovery attacks via truncated_hmac and probably some other
> > subtle attacks.
> >
> 
> Thanks for the elaboration. So if we follow the recommendations in the TLS
> BCP (to summarize, TLS 1.2 only with AEAD ciphersuites), we are safe from a
> bunch of these: POODLE, LUCKY13 (both padding oracle attacks), right? Is
> there a pointer to the length recovery attack (and do we really care about
> that for DNS privacy)?

Yeah. As for a pointer for length recovery, it is in one of the references
of the TLS BCP. The impact is seemingly to allow an attacker to tell the amount
of padding inserted at the TLS level.

> > TLS 1.3 will remove stream and block type ciphers (as well as
> > RSA key exchange).
> >
> 
> That's great. There is one other feature in TLS 1.3 that will be beneficial
> for DNS over TLS implementations for performance/latency reasons: the
> planned 0-RTT mode for resumed sessions with previously seen resolvers
> (most clients will talk to the same resolvers), which will frequently cut
> out 1RTT.

Actually 0RTT is allowed even if performing a full handshake (if the server
has a valid key on file, this also allows for skipping certificate auth).


-Ilari
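
The client-side setting discussed in the exchange above (TLS 1.2 only with AEAD ciphersuites), as an added example that is not part of the original message or of the draft: it builds a Python `ssl` context with that restriction and audits the enabled suites for CBC or stream ciphers. The cipher string, the function names and the sample suite list are assumptions of this example.

```python
import ssl

# Assumption of this example: an OpenSSL cipher string selecting ECDHE key
# exchange with AEAD ciphers only. The thread itself only says
# "TLS 1.2 only with AEAD ciphersuites".
AEAD_ONLY = "ECDHE+AESGCM:ECDHE+CHACHA20"
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")


def make_context(cipher_string=AEAD_ONLY):
    """Client context: certificate checks on, TLS >= 1.2, chosen suites."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(cipher_string)  # affects TLS <= 1.2 suites only
    return ctx


def is_aead(cipher):
    """cipher: one dict as returned by SSLContext.get_ciphers()."""
    if "aead" in cipher:  # flag reported by OpenSSL 1.1+
        return bool(cipher["aead"])
    return any(m in cipher["name"] for m in AEAD_MARKERS)


def non_aead_suites(ciphers):
    """Names of CBC/stream suites (the POODLE / LUCKY13 exposure)."""
    return [c["name"] for c in ciphers if not is_aead(c)]


# Constructed sample of a permissive suite list, to show what the audit flags.
SAMPLE_WEAK = [
    {"name": "ECDHE-RSA-AES128-GCM-SHA256"},
    {"name": "ECDHE-RSA-AES256-SHA384"},  # CBC with HMAC-SHA384
    {"name": "AES128-SHA"},               # RSA key exchange, CBC
    {"name": "RC4-SHA"},                  # stream cipher
]

if __name__ == "__main__":
    ctx = make_context()
    print("minimum version:", ctx.minimum_version.name)
    print("non-AEAD suites enabled:", non_aead_suites(ctx.get_ciphers()))
    print("flagged in sample:", non_aead_suites(SAMPLE_WEAK))
```

TLS 1.3 suites always appear in `get_ciphers()` regardless of the cipher string; they are all AEAD, so the audit passes them.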