Re: [dns-privacy] I-D Action: draft-ietf-dprive-padding-policy-01.txt

Shane Kerr <shane@time-travellers.org> Fri, 07 July 2017 10:05 UTC

Date: Fri, 07 Jul 2017 10:05:06 +0000
From: Shane Kerr <shane@time-travellers.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: dns-privacy@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/x4OMvts5rQkxg900ToBpJWj06fs>

Paul,

At 2017-07-06 18:09:51 -0700
"Paul Hoffman" <paul.hoffman@vpnc.org> wrote:

> On 3 Jul 2017, at 14:29, Alexander Mayrhofer wrote:
> 
> > I've updated the Padding Policy draft - the main change is the
> > inclusion of an actual recommendation, essentially a blunt copy of
> > Daniel's recommendations from his empirical research work.
> >
> > I'm looking forward to hearing a discussion around these
> > recommendations - I will subsequently update the draft based on the
> > outcome of those discussions.  
> 
> The new wording seems fine to me. I know we'll get people complaining 
> about how long the suggested defaults are, but they are just suggested 
> defaults, not demands.

I agree, and let me be the first to complain. ;)

As I said in my previous e-mail on this, I think we should minimize the
number of packets, so we should pad to a value that fits into something
based on the 1500 byte value.

The easiest approach is to use 500 bytes (not 468) as the block size.
Alternately we could use 486 bytes to account for tunneled traffic.
It's not a big concern, but I also don't see any reason not to do this.

Cheers,

--
Shane
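
The block-length padding under discussion, as an added example that is not part of the original message or the draft: it pads a constructed DNS query with the EDNS(0) Padding option (code 12, RFC 7830) to each block size named above and reports the largest whole multiple of that block within 1500 bytes. The names `build_query`, `pad_to_block` and `largest_fit` are hypothetical, the OPT record is assumed to be last with empty RDATA, and IP/TCP/TLS header overhead is not modelled.

```python
import struct

PADDING_OPTION = 12   # EDNS(0) Padding option code (RFC 7830)
OPT_RR_TYPE = 41      # OPT pseudo-record type

def build_query(qname, qtype=1, msg_id=0x1234):
    """Constructed sample: one-question query ending in an empty OPT record."""
    # Flags 0x0100 = RD set; 1 question, 0 answer, 0 authority, 1 additional.
    header = struct.pack("!6H", msg_id, 0x0100, 1, 0, 0, 1)
    labels = b"".join(bytes([len(l)]) + l.encode("ascii")
                      for l in qname.rstrip(".").split("."))
    question = labels + b"\x00" + struct.pack("!HH", qtype, 1)
    # OPT RR: root name, TYPE, CLASS (UDP payload size), TTL, RDLEN = 0.
    opt = b"\x00" + struct.pack("!HHIH", OPT_RR_TYPE, 4096, 0, 0)
    return header + question + opt

def pad_to_block(msg, block):
    """Pad msg to the next multiple of block using a Padding option.

    Assumes msg ends with an OPT RR whose RDLEN is 0 (as build_query makes).
    """
    if len(msg) % block == 0:
        return msg                      # already on a block boundary
    # The option itself costs 4 bytes (code + length); if fewer than 4 bytes
    # remain in the current block, the modulo rolls over to the next block.
    pad = -(len(msg) + 4) % block
    rdata = struct.pack("!HH", PADDING_OPTION, pad) + b"\x00" * pad
    return msg[:-2] + struct.pack("!H", len(rdata)) + rdata

def largest_fit(block, limit=1500):
    """Largest multiple of block that does not exceed limit bytes."""
    return (limit // block) * block

if __name__ == "__main__":
    query = build_query("example.com")  # constructed sample input
    for block in (468, 486, 500):       # block sizes named in the message
        padded = pad_to_block(query, block)
        print(f"block={block} query={len(query)} padded={len(padded)} "
              f"largest multiple <= 1500: {largest_fit(block)}")
```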