[dns-privacy] Fwd: New Version Notification for draft-ghedini-dprive-early-data-01.txt
Alessandro Ghedini <alessandro@ghedini.me> Sat, 06 July 2019 16:48 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/x_tp0KaHBToKzWpyyn0IFJOpXXo>
Hello,

On Sat, Jul 06, 2019 at 09:19:41AM -0700, internet-drafts@ietf.org wrote:
> A new version of I-D, draft-ghedini-dprive-early-data-01.txt
> has been successfully submitted by Alessandro Ghedini and posted to the
> IETF repository.
>
> Name: draft-ghedini-dprive-early-data
> Revision: 01
> Title: Using Early Data in DNS over TLS
> Document date: 2019-07-06
> Group: Individual Submission
> Pages: 5
> URL: https://www.ietf.org/internet-drafts/draft-ghedini-dprive-early-data-01.txt
> Status: https://datatracker.ietf.org/doc/draft-ghedini-dprive-early-data/
> Htmlized: https://tools.ietf.org/html/draft-ghedini-dprive-early-data-01
> Htmlized: https://datatracker.ietf.org/doc/html/draft-ghedini-dprive-early-data
> Diff: https://www.ietf.org/rfcdiff?url2=draft-ghedini-dprive-early-data-01
>
> Abstract:
> This document illustrates the risks of using TLS 1.3 early data with
> DNS over TLS, and specifies behaviors that can be adopted by clients
> and servers to reduce those risks.

I've been looking for information about using TLS 1.3 0-RTT with DoT, but all I could find was a discussion from over a year ago on the mailing list:

https://mailarchive.ietf.org/arch/msg/dns-privacy/LKZeOAj7Y4fC-9hRcbX_4KVWu0Y

So I wrote this document to try and document potential risks as well as capture requirements for DoT implementations deciding to add support for 0-RTT (RFC8446 in Appendix E.5 says that "Application protocols MUST NOT use 0-RTT data without a profile that defines its use"). Most of the wording comes from RFC8470 and some content from the mailing list discussion mentioned above, though there are still some things that need to be filled in or expanded.

In this new revision I expanded some of the sections as well as included some editorial fixes.

The draft is maintained on GitHub at:

https://github.com/ghedo/draft-ghedini-dprive-early-data

Would be interested to know what people think about this.

Cheers