IETF Logo Mail Archive

Re: [dns-privacy] draft-ietf-dprive-phase2-requirements: The User Perspective and Use Cases

"Hollenbeck, Scott" <shollenbeck@verisign.com> Tue, 23 March 2021 15:26 UTC

Return-Path: <shollenbeck@verisign.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C16BD3A122E for <dns-privacy@ietfa.amsl.com>; Tue, 23 Mar 2021 08:26:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GU05fIX8Rs3D for <dns-privacy@ietfa.amsl.com>; Tue, 23 Mar 2021 08:26:43 -0700 (PDT)
Received: from mail5.verisign.com (mail5.verisign.com [69.58.187.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C8D43A122C for <dns-privacy@ietf.org>; Tue, 23 Mar 2021 08:26:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=3314; q=dns/txt; s=VRSN; t=1616513204; h=from:to:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version:subject; bh=EqkV54Yt+VpbEln0fhxx+4EcD4KT/Z/3YEsVmr/nRJ8=; b=Q1ebRu/jXnPygOJqnyMqwHABzkkWJ73PaY5JpCAGVEF3k+z2uvfFtCod 45zlfY0/myV0Mc2tFoASsZQnlgr5x5BGs2OD8cZapl79QIjy6wFgJSbat yuLMz+n1UsuHTQuvNxHjXuvRnsD5Wv286rRNrrLCtLjPyBDh7SCpC6ucR DmYliIq0DdLTu9BkHdV3wI5zw2ZMPwplcDNgKYABoF/vD3ombsu7RwpnW q2xx9raO6oFD2kaVNuv3ZFHr6GXCiTwvpDD2pyZkSJaDduHO8fBtEfP23 ZUX+zKo+w2GcCcY+0DnVpPwDFpVgEqGnDNP8KhzwN8cuZtGitTCQxmMKs g==;
IronPort-SDR: 2BZ93aebC+RYibkWtbRJVxDacwE48Jvkin3NbHTIfs6eGqiMgRcP9dw/snBSYvRJhe/Aj1aDnK L1Mc/7ruZBbp40oPbjnk0mLcviVW89rHiNmMPcTfS5mk4YAqTxfYkdCrOoGHywpp2TBM5riHhV 1nbzb+IqaVouucmzBZskptSpdkXxfBadO4FK0AkTQ+rou76P9wVNpWcdtTkVezI450UKU1fFwi aYPY+73q6oX2D8TfdP5pngaQpZ5J0Wk9GTzvk2EGK8rV7Wa+foMkO+g1TSTw/h5RMX2DElYr4W 3cs=
IronPort-HdrOrdr: A9a23:uEI3oakrKmeA7C3tkXYmFkUuUnLpDfK73DAbvn1ZSRFFG/Gwvc aogfgdyFvIkz4XQn4tgpStP6OHTHPa+/dOkOwsFJ2lWxTrv3btEZF64eLZsl/dMgD36+I178 ddWodkDtmYNzZHpOLbxCX9LNo62tmA98mT6tv29HtmQQF0Z6wI1W4QNi+gDkZ0SANabKBJd6 a028wvnVudUEVSQMi9CmIMQuTP4/ba/aiLXTc2Qzoq8hOHgz/tyrLreiLz4j4uFxdC260r/2 SAqRH+/anLiZyG4wXRzHDe9K5bn9bdyt9ObfbmtvQo
X-IronPort-AV: E=Sophos;i="5.81,272,1610427600"; d="scan'208";a="5906989"
Received: from BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2176.2; Tue, 23 Mar 2021 11:26:42 -0400
Received: from BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde]) by BRN1WNEX02.vcorp.ad.vrsn.com ([fe80::7c0a:1cc:5def:9dde%4]) with mapi id 15.01.2176.009; Tue, 23 Mar 2021 11:26:42 -0400
From: "Hollenbeck, Scott" <shollenbeck@verisign.com>
To: "brian@innovationslab.net" <brian@innovationslab.net>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Thread-Topic: [EXTERNAL] Re: [dns-privacy] draft-ietf-dprive-phase2-requirements: The User Perspective and Use Cases
Thread-Index: AdccsGYrdqLwH3WvQl6guRcy0JfyLQDX4Q8AAAYO/KA=
Date: Tue, 23 Mar 2021 15:26:42 +0000
Message-ID: <fb3e7c07c76f41c6b1ee8d002cc685d3@verisign.com>
References: <edd165f702ad4a9c87c70fdf28057835@verisign.com> <9e10aec3-0bb3-a1ed-1bad-9da6995e9db9@innovationslab.net>
In-Reply-To: <9e10aec3-0bb3-a1ed-1bad-9da6995e9db9@innovationslab.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/tLwfZmTu26-rkdbSkjyE3vMd730>
Subject: Re: [dns-privacy] draft-ietf-dprive-phase2-requirements: The User Perspective and Use Cases
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Mar 2021 15:26:48 -0000

> -----Original Message-----
> From: dns-privacy <dns-privacy-bounces@ietf.org> On Behalf Of Brian
> Haberman
> Sent: Tuesday, March 23, 2021 10:11 AM
> To: dns-privacy@ietf.org
> Subject: [EXTERNAL] Re: [dns-privacy] draft-ietf-dprive-phase2-
> requirements: The User Perspective and Use Cases
> 
> Caution: This email originated from outside the organization. Do not click links
> or open attachments unless you recognize the sender and know the content
> is safe.
> 
> Hi Scott,
>      Thanks for kicking this discussion off. A question (or two) inline for us to
> consider...
> 
> On 3/19/21 7:10 AM, Hollenbeck, Scott wrote:
> > Section 9.1 of draft-ietf-dprive-phase2-requirements currently contains
> this text:
> >
> > "As recursors typically forwards queries received from the user to
> authoritative servers.  This creates a transitive trust between the user and
> the recursor, as well as the authoritative server, since information created by
> the user is exposed to the authoritative server.  However, the user never has
> a chance to identify what data was exposed to which authoritative party (via
> which path).
> >
> > Also, Users would want to be informed about the status of the
> > connections which were made on their behalf, which adds a fourth point
> >
> > Encryption/privacy status signaling
> >
> > *TODO*: Actual requirements - what do users "want"?  Start below:"
> >
> > I'm not sure there's much to be added here since users currently have no
> ability to pick and choose services that a recursive resolver negotiates with an
> authoritative name server. The user can pick a recursive resolver based on
> the set of services it provides, and that's about it. I'd like to suggest that we
> replace the above text with something like the following:
> >
> > "Recursive resolvers typically act as intermediaries.  They forward
> > queries received from users to authoritative servers without any
> configurable and/or measurable interaction between the user and the
> authoritative name servers. As when making requests through other
> intermediaries, users do not necessarily have the ability to identify
> information that is disclosed by the intermediary to other service provider,
> i.e., an authoritative server in this case. As such, users should simply choose a
> recursor that provides a set of services that best meets the user's need for
> information protection, along with other considerations."
> >
> 
> >From the pure user perspective, do they even know that their "DNS
> server" is an intermediary?

[SAH] For most people, probably not.

> What phase 2 requirement can be derived from the above?

[SAH] There isn't one. This text appears in the Appendix, which (I believe) helps set the context for the requirements that appear in the sections that precede it without including additional requirements. If there's an intention to include requirements in Section 9, it might help to call it something other than "Appendix", to move it up higher in the document, and to think about where normative language is needed. My preference is to leave it where it is, use it to provide background information, and not include normative language.

Scott

v2.23.0 | Report a Bug | By Email