Re: [dns-privacy] Last Call: <draft-ietf-dprive-rfc7626-bis-03.txt> (DNS Privacy Considerations) to Informational RFC

Sara Dickinson <sara@sinodun.com> Fri, 24 January 2020 14:45 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/vDkOrnQYLP3x07u2_yYpM1FnHkA>


> On 23 Jan 2020, at 14:11, S Moonesamy <sm+ietf@elandsys.com> wrote:
> 
> Dear Sara,
> At 05:15 AM 23-01-2020, Sara Dickinson wrote:
>> > Section 3.2 discusses what a user does and uses a DNS query related to email as an example.  Is the MUA expected to validate the MX RR or is it the role of the MSA?
>> 
>> I think questions of validation are out of scope for this draft.
> 
> Apologies for not explaining this correctly.  The draft is described as a document about the use of DNS.  Section 3.2 has the following: "It gives information about what the user does ("What are the MX records of example.net?" means he probably wants to send email to someone at example.net ..."  My question was about that DNS query.  Could you or the WG Chairs please explain why the question which I asked is out of scope for this draft?

Thanks to Brian for his explanation on this point which I agree with.

> 
>> Looking back, this text was introduced into the original I-D before RFC7624 was published and wasn't updated. Suggest:
>> 
>> OLD: The IAB privacy and security program also have a work in progress [RFC7624] that considers such inference-based attacks in a more general framework.
>> 
>> OLD: The IAB privacy and security program has also produced [RFC7624] that considers such inference-based attacks in a more general framework."
> 
> I gather that you meant "NEW" for the second part.  I am okay with that text.

Yes :-)

> 
>> The text says "to our knowledge"; no DPRIVE or IETF review comment to date (or errata to RFC7626) has contradicted this statement so I think it is a fair representation of the community knowledge on this matter. If you are aware of such a law please suggest text.
> 
> I asked whether there was a study.  According to the above, it is what the DPRIVE Working Group believes even though there wasn't any study.  I would like to thank you for the response as it addresses my question.

Ah, you were asking if there was a specific citation that could be included… No, not to my knowledge. 

Thanks for your response.

Sara.