Re: [dns-privacy] Presenting draft-dkgjsal-dprive-unilateral-probing

Joey Salazar <joeygsal@gmail.com> Thu, 18 November 2021 19:51 UTC

From: Joey Salazar <joeygsal@gmail.com>
Date: Thu, 18 Nov 2021 20:53:07 +0100
Message-ID: <CAEhLrahFtgOtMFmdtGy29dW1Mc9+qtLbXEk5aLL3BTinz4H_5Q@mail.gmail.com>
To: dns-privacy@ietf.org
Cc: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/rLgjbMZstb3JUUKnrcbbJzRy68E>
Subject: Re: [dns-privacy] Presenting draft-dkgjsal-dprive-unilateral-probing

Hi dprive,

We've uploaded version -00 to the datatracker [1].

Thanks in particular to Paul Hoffman, Kris Shrishak, Ralf Weber, Christian
Huitema, and Jim Reid for the feedback received so far; it has been very
encouraging.

We will update the draft to -01 soon with edits from that feedback and from
the dprive meeting last week, and we'd like to renew our invitation to the
group for critique, support, and edits; although discussion in this mailing
list is preferred, we also welcome issues and MRs in the GitLab repo [2],
which we will then relay to the mailing list.

Very much looking forward to further discussion,
--
dkg and jsal

[1] https://datatracker.ietf.org/doc/draft-dkgjsal-dprive-unilateral-probing/
[2] https://gitlab.com/dkg/dprive-unilateral-probing

On Fri, Nov 5, 2021 at 4:54 PM Joey Salazar <joeygsal@gmail.com> wrote:

> Hi dprive,
>
> dkg and I have been working on a draft [1] on unilateral, opportunistic
> DNS probing for encrypted connections between recursive resolvers and
> authoritative servers. We welcome the group's feedback on the early work we
> have so far.
>
> [1] https://dkg.gitlab.io/dprive-unilateral-probing/
>
> The draft's main difference from draft-ietf-dprive-unauth-to-authoritative
> is that we currently focus on probing instead of signaling; we're trying to
> define *how* to probe for encrypted transports in a way that is the most
> efficient (that is, that introduces the smallest costs to the participants
> in the ecosystem), without introducing any new protocol elements.
>
> From drafting this proposal, we believe that signaling seems necessary for
> strong (authenticated) encryption, but we don't think that there is any
> reason to delay deployment of protection against passive observers while
> the WG hashes out the details of the signal. We also think this proposal
> highlights some of the most relevant factors potentially needed in the
> signal.
>
> We will present the work at the upcoming DPRIVE meeting at IETF 112
> (Thursday Session I, 12:00-14:00 UTC).
>
> All your comments, critiques, and suggestions very much welcome,
> --
> dkg and Joey
>
>