Re: [dns-privacy] I-D Action: draft-ietf-dprive-padding-policy-01.txt
Shane Kerr <shane@time-travellers.org> Fri, 07 July 2017 10:05 UTC
Date: Fri, 07 Jul 2017 10:05:06 +0000
From: Shane Kerr <shane@time-travellers.org>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Cc: dns-privacy@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/x4OMvts5rQkxg900ToBpJWj06fs>
Paul,

At 2017-07-06 18:09:51 -0700
"Paul Hoffman" <paul.hoffman@vpnc.org> wrote:

> On 3 Jul 2017, at 14:29, Alexander Mayrhofer wrote:
>
> > I've updated the Padding Policy draft - the main change is the
> > inclusion of an actual recommendation, essentially a blunt copy of
> > Daniel's recommendations from his empirical research work.
> >
> > I'm looking forward to hearing a discussion around these
> > recommendations - I will subsequently update the draft based on the
> > outcome of those discussions.
>
> The new wording seems fine to me. I know we'll get people complaining
> about how long the suggested defaults are, but they are just suggested
> defaults, not demands.

I agree, and let me be the first to complain. ;)

As I said in my previous e-mail on this, I think we should minimize the
number of packets, so we should pad to a value that fits into something
based on the 1500 byte value. The easiest approach is to use 500 bytes
(not 468) as the block size. Alternately we could use 486 bytes to
account for tunneled traffic.

It's not a big concern, but I also don't see any reason not to do this.

Cheers,

--
Shane
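As an added illustration (not part of the original message or of the draft), the sketch below applies block-length padding with the EDNS(0) Padding option (RFC 7830, option code 12) for the three block sizes named in the thread. The function names and sample lengths are constructed; it assumes the message already carries an OPT record and counts DNS message bytes only, with no IP, TCP or TLS overhead modeled.

```python
import struct

EDNS_PADDING = 12   # EDNS(0) Padding option code (RFC 7830)
OPTION_HEADER = 4   # 2-byte option code + 2-byte option length


def padding_option(msg_len: int, block: int) -> bytes:
    """Build the Padding option that lifts msg_len to a multiple of block.

    msg_len is the DNS message length including its OPT RR but without
    the Padding option (assumption of this example). The caller must
    also add the returned length to the OPT RR's RDLENGTH.
    """
    if msg_len < 0 or block <= 0:
        raise ValueError("msg_len must be >= 0 and block > 0")
    # The option header itself costs 4 bytes, so a message that ends
    # fewer than 4 bytes short of a boundary spills into the next block.
    target = -(-(msg_len + OPTION_HEADER) // block) * block
    pad = target - msg_len - OPTION_HEADER
    if pad > 0xFFFF:
        raise ValueError("padding does not fit a 16-bit option length")
    # RFC 7830: padding octets SHOULD be 0x00.
    return struct.pack("!HH", EDNS_PADDING, pad) + b"\x00" * pad


def padded_len(msg_len: int, block: int) -> int:
    """Length of the message once the Padding option is appended."""
    return msg_len + len(padding_option(msg_len, block))


def blocks_within(limit: int, block: int) -> tuple:
    """(whole blocks that fit in limit bytes, bytes left over)."""
    return limit // block, limit % block


if __name__ == "__main__":
    samples = [60, 464, 466, 499, 1100]   # constructed message lengths
    for block in (468, 486, 500):         # block sizes named in the thread
        fit, spare = blocks_within(1500, block)
        sizes = [padded_len(n, block) for n in samples]
        print(f"block={block}: {fit} blocks per 1500 bytes, "
              f"{spare} spare; padded sizes {sizes}")
```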