Re: [dns-privacy] NS names, was re-evaluation of the draft, was Re: [Fwd: New Version Notification for draft-vandijk-dprive-ds-dot-signal-and-pin-00.txt]
Christian Huitema <huitema@huitema.net> Wed, 10 June 2020 03:43 UTC
Return-Path: <huitema@huitema.net>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 825443A0E17 for <dns-privacy@ietfa.amsl.com>; Tue, 9 Jun 2020 20:43:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7YHViSILjdXP for <dns-privacy@ietfa.amsl.com>; Tue, 9 Jun 2020 20:43:54 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54F713A0E16 for <dns-privacy@ietf.org>; Tue, 9 Jun 2020 20:43:54 -0700 (PDT)
Received: from xse339.mail2web.com ([66.113.197.85] helo=xse.mail2web.com) by mx169.antispamcloud.com with esmtp (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1jireW-0016Px-HG for dns-privacy@ietf.org; Wed, 10 Jun 2020 05:43:51 +0200
Received: from xsmtp22.mail2web.com (unknown [10.100.68.61]) by xse.mail2web.com (Postfix) with ESMTPS id 49hXsG2zmpzLmg for <dns-privacy@ietf.org>; Tue, 9 Jun 2020 20:43:46 -0700 (PDT)
Received: from [10.5.2.31] (helo=xmail09.myhosting.com) by xsmtp22.mail2web.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1jireU-0001z9-8t for dns-privacy@ietf.org; Tue, 09 Jun 2020 20:43:46 -0700
Received: (qmail 25570 invoked from network); 10 Jun 2020 03:43:45 -0000
Received: from unknown (HELO [192.168.1.107]) (Authenticated-user:_huitema@huitema.net@[172.58.43.64]) (envelope-sender <huitema@huitema.net>) by xmail09.myhosting.com (qmail-ldap-1.03) with ESMTPA for <dns-privacy@ietf.org>; 10 Jun 2020 03:43:45 -0000
To: Shumon Huque <shuque@gmail.com>, John Levine <johnl@taugh.com>
Cc: dns-privacy@ietf.org
References: <CAHPuVdUoZVecj5Jfd6NxyJ-cRhTJTS1N8vcC5pC3uWQECLOCnQ@mail.gmail.com> <20200609183122.203851A5666F@ary.qy> <CAHPuVdVwxSG3pXNECy-2CUtR-bMG4DyQ5cYQPcnf9xNjzVGc4Q@mail.gmail.com>
From: Christian Huitema <huitema@huitema.net>
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= mDMEXtavGxYJKwYBBAHaRw8BAQdA1ou9A5MHTP9N3jfsWzlDZ+jPnQkusmc7sfLmWVz1Rmu0 J0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PoiWBBMWCAA+FiEEw3G4 Nwi4QEpAAXUUELAmqKBYtJQFAl7WrxsCGwMFCQlmAYAFCwkIBwIGFQoJCAsCBBYCAwECHgEC F4AACgkQELAmqKBYtJQbMwD/ebj/qnSbthC/5kD5DxZ/Ip0CGJw5QBz/+fJp3R8iAlsBAMjK r2tmyWyJz0CUkVG24WaR5EAJDvgwDv8h22U6QVkAuDgEXtavGxIKKwYBBAGXVQEFAQEHQJoM 6MUAIqpoqdCIiACiEynZf7nlJg2Eu0pXIhbUGONdAwEIB4h+BBgWCAAmFiEEw3G4Nwi4QEpA AXUUELAmqKBYtJQFAl7WrxsCGwwFCQlmAYAACgkQELAmqKBYtJRm2wD7BzeK5gEXSmBcBf0j BYdSaJcXNzx4yPLbP4GnUMAyl2cBAJzcsR4RkwO4dCRqM9CHpVJCwHtbUDJaa55//E0kp+gH
Message-ID: <b10fb7a1-08f9-9cff-f29d-3a43eec6772f@huitema.net>
Date: Tue, 09 Jun 2020 20:43:44 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.8.1
MIME-Version: 1.0
In-Reply-To: <CAHPuVdVwxSG3pXNECy-2CUtR-bMG4DyQ5cYQPcnf9xNjzVGc4Q@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------CE2D41D721C1A7E4265016E4"
Content-Language: en-US
X-Originating-IP: 66.113.197.85
X-Spampanel-Domain: xsmtpout.mail2web.com
X-Spampanel-Username: 66.113.197.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=66.113.197.0/24@xsmtpout.mail2web.com
X-Spampanel-Outgoing-Class: unsure
X-Spampanel-Outgoing-Evidence: Combined (0.15)
X-Recommended-Action: accept
X-Filter-ID: Mvzo4OR0dZXEDF/gcnlw0fwuhl+SFh+udCLiTeLN1rOpSDasLI4SayDByyq9LIhVUZbR67CQ7/vm /hHDJU4RXkTNWdUk1Ol2OGx3IfrIJKywOmJyM1qr8uRnWBrbSAGDwPzgJ2Ucltmld9WkfaJBY9Xt FNSzkMWnDricnMrpFJo7jrsrcRCqwlxKt1+/JTf4QVFPFt+4EqMnp4CTDhVg0lKlzDUUdXZXKiJE 9FAeBYpBbCpe79Kozx0nomzoHNuEUE6zyPc6aUCdl00F/tjba+42Vki7412dpbhrD2d47zbC3VvU djSCswikK/licfX+oIF6uBSWByrPG2Vxuo/vVPllrFEbCkMryfcYCsgMUJObfBQoU3roWy2GH1DY sAiH3gousbgNfxi2R3uFLvZP/HBXvrLBlKCVRjjdPbjQ4HnBNho1Lszw5OO01yYoll8q2UgzFF+j HNSbIoW1Q++Wvj3dKxLhoxcmaInYbR5vlqFg3eKzPG9E5MikC2dVXWcpK172i/E5sOgbaCtBiSIx 1XwCY8vmv+JqOVJamBHfOGVwjn7Xut/lXagsodd5qqODTFiwcpU4fyz75jxpU98RPGiH1Wgh6RAe nBR+licROGb39x3Pp0qQsqDkbqmcZOiQ00yoa+Dg6Nzs0x/RbDKRZylKfkk1Bjpj1vOdQDSBul8r cuyeNztZhTczEttfN8GcQie12lTu81QucaD9n7tPrXuXCC1A5Cukky0WFo38JXT3Y80OmAux3oN1 3+ztUzneJY/SUg2OMuRb1WRtnhDS2L83o7TP54FLJfg9sR3SxHJY01FK36PnKBWhoKPQEFA61okn CR9uq20ItWEyC7AwtYW+axx2DzNv8BNlsyaVn+X+DBOgCUAeAqysZMkjto44z1caQoi44Wcfj1z/ J5tTt7j1ptfltBQnq8NvNwuG6kuhBG0YWFj/7xYZzwR7/PiKfowXlsolACJrkW/vjDp2NmSdEOMf tBjsWb6BDQzjSsG66974nkMwEqjhfSKHlA2Q3p5onVdn12r9xqR15ROHBesyXD9BkbKX7eGI2jGt /RQxL7hrJSk60SF3F6RYOYr2
X-Report-Abuse-To: spam@quarantine11.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/xw2ogqbuZchnvAE0mNzcaKALClk>
Subject: Re: [dns-privacy] NS names, was re-evaluation of the draft, was Re: [Fwd: New Version Notification for draft-vandijk-dprive-ds-dot-signal-and-pin-00.txt]
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jun 2020 03:43:57 -0000
On 6/9/2020 12:21 PM, Shumon Huque wrote: > On Tue, Jun 9, 2020 at 2:31 PM John Levine <johnl@taugh.com > <mailto:johnl@taugh.com>> wrote: > > In article > <CAHPuVdUoZVecj5Jfd6NxyJ-cRhTJTS1N8vcC5pC3uWQECLOCnQ@mail.gmail.com > <mailto:CAHPuVdUoZVecj5Jfd6NxyJ-cRhTJTS1N8vcC5pC3uWQECLOCnQ@mail.gmail.com>> > you write: > >Well, the client could just use the zone name as the SNI, no? You > can assign > >certificates with the same name but different keys to each of the > >nameservers. > > That sounds quite painful for servers that serve hundreds or > thousands of zones. > > > That's a good point John. It might pose an impediment for them. Anyway, > I'm not suggesting we adopt my idea yet. I'm just trying to talk > through the > possibilities and pros & cons first. > > I am assuming these would be self-signed certs. If you want them > signed there's an additional bootstrap problem since the CA everyone > uses, Let's Encrypt, needs working DNS to sign a cert. > > > My assumption is that most would be self signed, or self-issued by the > domain (DANE-TA). I did mention the possibility of supporting the > PKIX modes earlier too, but now that I think about it, there are > additional issues there. An org may be willing to handout public CA > issued certs for their main domain name to outsourced nameserver > operators. So to be acceptable, this would need to have more > compartmentalized security properties, such as the use of things > like SRVName SAN or similar application specific certificate identities, > which rules out public CAs, since none of them support those. There are two tests that matter: first, verify that the NS record is genuine and that the designated server is indeed the server chosen by the target domain; two, verify that the TLS connection terminates at the specified server. It is tempting to take a shortcut and merely verify that the TLS connection terminates at a server authorized by the target domain, but I don't think that's a good idea. John pointed out a management issue: the server would have to manage a large set of certificates, one for each domain it serves. But on top of the management issue, there are also performance issues and privacy issues. TLS authenticates the server during the connection handshake. That means one authentication per connection. In the case of a resolver accessing several domains served by the same big server, that means establishing separate TLS connections for each target domain, instead of establishing just one connection. That will clearly impact performances, but there is also a privacy aspect. In the absence of SNI encryption, the SNI can be observed. If the SNI just carries the name of the name server, no big deal. But if it carries the name of the target domain, the exchange reveals that this particular resolver queried that particular domain. Mix that with observation of the traffic to the recursive resolver, and you have an interesting privacy leak. In fact, even if SNI encryption is used, you still have a privacy leak. Third parties can observe that a request to the recursive resolver triggered a new connection to the authoritative server, and can infer that the query was for a rarely used domain served by that server. Not quite as bad as leaking the actual name of the target domain, but still a piece of information that can be used for further inferences. It seems prudent to require that a single connection between a recursive resolver and an authoritative server can be used for requests to all domains served by that authoritative server. That's better for both performance and privacy. -- Christian Huitema -- Christian Huitema
- [dns-privacy] [Fwd: New Version Notification for … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Mikael Abrahamsson
- Re: [dns-privacy] [Fwd: New Version Notification … Jeremy Harris
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Petr Špaček
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Christian Huitema
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Ondřej Surý
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Ben Schwartz
- Re: [dns-privacy] [Fwd: New Version Notification … Petr Špaček
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Ben Schwartz
- Re: [dns-privacy] [Fwd: New Version Notification … Tony Finch
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Ben Schwartz
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Stephen Farrell
- Re: [dns-privacy] [Fwd: New Version Notification … Petr Špaček
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Shumon Huque
- Re: [dns-privacy] [Fwd: New Version Notification … Eric Rescorla
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Eric Rescorla
- Re: [dns-privacy] [Fwd: New Version Notification … Ben Schwartz
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Petr Špaček
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Tony Finch
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Paul Wouters
- Re: [dns-privacy] [Fwd: New Version Notification … Christian Huitema
- Re: [dns-privacy] [Fwd: New Version Notification … Peter van Dijk
- [dns-privacy] re-evaluation of the draft, was Re:… Paul Wouters
- Re: [dns-privacy] re-evaluation of the draft, was… Robin Geuze
- Re: [dns-privacy] re-evaluation of the draft, was… Shumon Huque
- Re: [dns-privacy] re-evaluation of the draft, was… Peter van Dijk
- Re: [dns-privacy] re-evaluation of the draft, was… Shumon Huque
- Re: [dns-privacy] NS names, was re-evaluation of … John Levine
- Re: [dns-privacy] NS names, was re-evaluation of … Shumon Huque
- Re: [dns-privacy] re-evaluation of the draft, was… Paul Wouters
- Re: [dns-privacy] NS names, was re-evaluation of … Christian Huitema
- Re: [dns-privacy] re-evaluation of the draft, was… Peter van Dijk
- Re: [dns-privacy] NS names, was re-evaluation of … Shumon Huque
- Re: [dns-privacy] NS names, was re-evaluation of … Paul Wouters
- Re: [dns-privacy] NS names, was re-evaluation of … Shumon Huque
- Re: [dns-privacy] NS names, was re-evaluation of … Bill Woodcock
- Re: [dns-privacy] NS names, was re-evaluation of … Shumon Huque
- Re: [dns-privacy] NS names, was re-evaluation of … Bill Woodcock
- Re: [dns-privacy] NS names, was re-evaluation of … John R Levine
- Re: [dns-privacy] NS names, was re-evaluation of … Brian Dickson
- Re: [dns-privacy] bootstrapping NS names, was re-… John Levine
- Re: [dns-privacy] bootstrapping NS names, was re-… Brian Dickson
- Re: [dns-privacy] bootstrapping NS names, was re-… John R Levine