[dns-privacy] review of dprive-unilateral-probing
Alexander Mayrhofer <alexander.mayrhofer@nic.at> Wed, 06 April 2022 15:52 UTC
Return-Path: <alexander.mayrhofer@nic.at>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F05C3A19F3 for <dns-privacy@ietfa.amsl.com>; Wed, 6 Apr 2022 08:52:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=nic.at
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P3LR9-u8FvAm for <dns-privacy@ietfa.amsl.com>; Wed, 6 Apr 2022 08:52:08 -0700 (PDT)
Received: from mail.sbg.nic.at (mail.sbg.nic.at [83.136.33.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6FFFA3A19DD for <dns-privacy@ietf.org>; Wed, 6 Apr 2022 08:52:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nic.at; s=it2019; h=From:From:To:CC:Subject:Date:Message-Id:Content-Type:Received:Received:Received; bh=9SRQBTv8GDUH0M6b0ZIm8WPjC5lxUdRn/Cy3UdO4lCk=; b=Gh5aqh9bcBfStZwXnrL/czXApn98lKS1D3dQigimqrV5HBAUE2eY3G8ETgG3ZxDi1DXsMBZkgdOEJZ8UHjplzZRffvFl6e4ybdI/JtN+2nGDRWSUn4ddgseza3fAMSEA4SbX6pHbI3VaB/KSo3smQPuiPWV+QNKuCSSPyHmGqFytkYeouDSe0NVb4kS8G7cnU/9/SiZHkxaPp13+iZPqCa3XWMrZYCk63WARIhdawRlOpSTP2xX98cvDdVhh4LKFKa00IeB3lYRFg6zpZfKe8ZikBuXiGI3VJoN5dihLGPQcOS/OA9ML6t6GmUvsOQZMiZ5UZ143GNCQ9ZIt9uwvtg==;
Received: from nics-exch3.sbg.nic.at ([10.17.175.2]) by mail.sbg.nic.at over TLS secured channel (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) with XWall v3.56 ; Wed, 6 Apr 2022 17:52:01 +0200
Received: from nics-exch3.sbg.nic.at (10.17.175.2) by nics-exch3.sbg.nic.at (10.17.175.2) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.12; Wed, 6 Apr 2022 17:52:00 +0200
Received: from nics-exch3.sbg.nic.at ([fe80::3079:e311:a6d4:792b]) by nics-exch3.sbg.nic.at ([fe80::3079:e311:a6d4:792b%2]) with mapi id 15.01.2375.012; Wed, 6 Apr 2022 17:52:00 +0200
Thread-Topic: review of dprive-unilateral-probing
Thread-Index: AdhJx0vWEAgptssiRjGAALD0SVQhuQ==
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.11.83.53]
From: Alexander Mayrhofer <alexander.mayrhofer@nic.at>
To: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Date: Wed, 06 Apr 2022 17:52:00 +0200
X-Assembled-By: XWall v3.56
Message-ID: <e9762b975b124de58cf176a87b290949@nic.at>
X-XWALL-BCKS: auto
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/wavJvxZcm7SD_JROd35AI4pxvI0>
Subject: [dns-privacy] review of dprive-unilateral-probing
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Apr 2022 15:52:14 -0000
Hello dkg, all, as requested by the WG chairs, I've reviewed draft-ietf-dprive-unilateral-probing. Here are my comments: - I think the "DNS camel" comment in the introduction would be hard to understand for any uninitiated person. While it fits the text perfectly now, I think it should be reworded (or a reference should be added) once we move towards publication. - In minimizing negative impacts, the third bullet should probable be "the potential for amplification attacks.. ", and the second "excessive use of computational..." (NIT). I think many implementors are concerned about excessive requirements to keep state, but I guess that's covered by the mem/CPU bullet, even on intermediaries (Firewalls, etc.) - I agree to the prococol choices considerations. Towards publication, we should shorten the paragraph about the DoH path problem. - As noted in the WG discussion, the X.509 certificate with common names of all the names an authoritative server is known under could be problematic, because customers are usually "creating" their own nameserver names without necessarily informing the op of the nameserver. Side note - this might be an interesting research topic - to look at the names requested in SNI to the DoT port of such servers ... (once we have deployment!) - I guess implementors have more to say about the client-side probing strategy proposed, but it does look very reasonable to me. Maybe we can get feedback from early implementations on optimizing the resource-use of state information required. - The ALPNs under section 4.2 should be quoted. - The description of the connection state (4.3, first section, and the state mangling in 4.5.*) is very close to implementation specifications - do we really need that great detail for the protocol to be interopable? Given the connection to the requirements in 4.5.1, I do admit it's tricky. Maybe we should move that to an Appendix? Section 4.3.1, though, is more like an abstract requirement, and should be kept in. Maybe re-order? I agree on the 4.4. "per IP address" recommendation. It might even be worse for v4/v6 deployments. - in 4.5.3, regarding the FIXME, I think the client SHOULD keep using the existing connection for the non-preferred transport, but MAY re-probe for the preferred transport, and upgrade to that if probing succeeds - (maybe pretty complicated to implement, though?) - All the "identifier" strings in the draft should be quoted. (such as "early", "unsent", etc..) - maybe personal preference, but I find it clearer. Latest, the RFC editors will comment on that anyways. - For the Padding - as with DoQ I would recommend that the server SHOULD use padding according to RFC 7830, and may (lowercase) use the experimental policies set in RFC 8467. However, the individual transports may override this - DoQ eg. recommends QUIC-based padding over EDNS level padding. To sum it up - my comments are minor tweaks. It's a structurally good protocol and draft, thanks for the work! Best, Alex
- [dns-privacy] review of dprive-unilateral-probing Alexander Mayrhofer
- Re: [dns-privacy] review of dprive-unilateral-pro… Daniel Kahn Gillmor