Re: [dns-privacy] [Ext] Secdir early review of draft-ietf-dprive-unilateral-probing-07

"Salz, Rich" <rsalz@akamai.com> Sat, 24 June 2023 13:53 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Paul Hoffman <paul.hoffman@icann.org>
CC: secdir <secdir@ietf.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, "draft-ietf-dprive-unilateral-probing.all@ietf.org" <draft-ietf-dprive-unilateral-probing.all@ietf.org>
Date: Sat, 24 Jun 2023 13:53:18 +0000
Message-ID: <3ABCDB29-4F2E-4F9D-AF4D-2B32E0D7E69D@akamai.com>
References: <168634204133.61641.15990253589636399258@ietfa.amsl.com> <02EF3E5D-DF77-430F-B85D-8BA52387951B@icann.org>
In-Reply-To: <02EF3E5D-DF77-430F-B85D-8BA52387951B@icann.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/xO9J3IyTd1QH14X2BoeTL12JRe0>
Subject: Re: [dns-privacy] [Ext] Secdir early review of draft-ietf-dprive-unilateral-probing-07
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>

I'm fine with all those decisions.

On 6/23/23, 8:50 PM, "Paul Hoffman" <paul.hoffman@icann.org> wrote:

Belated thanks for this review. I've accepted many of the nits without note, but some notes below.

--Paul Hoffman

On Jun 9, 2023, at 1:20 PM, Rich Salz via Datatracker <noreply@ietf.org> wrote:
> 
> Reviewer: Rich Salz
> Review result: Has Nits
> 
> Sec 2.2 Is the main point of the first paragraph to say that DoQ and DoT
> don't address this type of deployment but leave it open for future docs? If
> so, maybe that's worth stating directly.

That idea was contentious in the WG because others tried to write those "future docs" but got nowhere. I'd rather not poke at them. The possibility of future docs is touched on in the abstract and the security considerations.


> Sec 3 I think the ALPN the client "should" use (lowercase) is better than "may
> use"

This would lead to later reviews if we meant to capitalize the "should". :-)


> Appendix A, is that to be removed when published? Should A and B explicitly
> say they are not normative?

The intended status of the document is now "experimental". Thus, Appendix A will remain in the document, and everything is not normative.