[DNSOP] Re: An Interplanetary DNS Model

Lorenzo Breda <lorenzo@lbreda.com> Wed, 24 July 2024 18:43 UTC

References: <65daf988-f696-4f35-5a72-5b11ef4893b8@spacelypackets.com> <CAEhHO_MaUFraCuur2uYEBrRcdKUty3ZwoPsFeP3V1iXf5vQxxA@mail.gmail.com> <b098f7cb-e42b-c7e4-56b8-dcb9125c17e9@spacelypackets.com> <CAEhHO_P4VmCC0VfxHRPdnvUzzwamMThbcuQAp1N98yWTCd-Bsg@mail.gmail.com> <0685c4ca-0b10-d7a8-ccd4-507dc6755d1a@spacelypackets.com>
In-Reply-To: <0685c4ca-0b10-d7a8-ccd4-507dc6755d1a@spacelypackets.com>
From: Lorenzo Breda <lorenzo@lbreda.com>
Date: Wed, 24 Jul 2024 20:42:40 +0200
X-Gmail-Original-Message-ID: <CAEhHO_PbrkKqaJsBD+Fih+i1rY5YN+9=Y-fNUpOp2PfXL+hAuA@mail.gmail.com>
Message-ID: <CAEhHO_PbrkKqaJsBD+Fih+i1rY5YN+9=Y-fNUpOp2PfXL+hAuA@mail.gmail.com>
To: Scott Johnson <scott@spacelypackets.com>
Content-Type: multipart/alternative; boundary="00000000000055f4cd061e02a5cb"
CC: dtn@ietf.org, dnsop@ietf.org
Subject: [DNSOP] Re: An Interplanetary DNS Model
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Cfwc8fv1ss2IzyA4c9mKbd-Dupo>

On Wed 24 Jul 2024 at 09:02 Scott Johnson <scott@spacelypackets.com> wrote:

> Hi Lorenzo,
>
> [omitted]
>
> Pardon the background tangent;
>

It was pretty interesting.


> I will now address your point regarding
> valid URIs in one network becoming invalid URIs in another, and how this
> can be addressed.  As noted above, there are two places, BP network
> ingress and egress, in which there is a break in segmented
> (HTTPS/IP<-BPSEC/BP->HTTPS/IP) protection.  It is at this place where
> tampering could take place.  I don't see this as a bug, but a feature.
> This is the place where we take the IP payload, turn it into a BP payload,
> and extract data from the application headers to be placed in a BP
> extension block, which is used to construct the remote request. This can
> also be the place where .earth can be appended to any URL in the body of
> an email or web page, etc. destined for somewhere other than Earth.  Don't
> get me wrong; I am no fan of deep packet inspection, or breaking privacy
> or integrity.  This model is designed to ensure cryptographic protection
> throughout the "on-wire" delivery, but operational constraints dictate
> that this happens in a segmented fashion.
>

Deep packet inspection is a technical issue, rather than a "merely"
governance one. The inspection/correction system would need to have a
pretty good knowledge about the structure of the transmission, it would
break signatures (e.g. on API payloads and on emails, which both are useful
applications on the system you described - emails are unexpectedly
surviving any evolution of the Internet) and it wouldn't work on
transmissions which are encrypted on a message level (encrypted documents,
emails).

Why are you against leaving the current TLDs implicitly on Earth by default?

-- 
Lorenzo Breda
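The signature-breaking point raised in the reply above, as an added worked example that is not part of the thread or of either author's model: an application-layer HMAC over a JSON API payload, a gateway that appends ".earth" to every URL hostname it finds (the ingress/egress rewrite the quoted message describes), and the far-end verification that fails once the body has been touched. The key, the payload fields and the hostnames are constructed for the demonstration; nothing here is a real API or a real Earth/BP gateway.

```python
import hashlib
import hmac
import json
import re

# Constructed shared secret between an API client and its server (hypothetical).
API_KEY = b"example-shared-secret"

# Scheme plus hostname of an http(s) URL; the path after the host is left alone.
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")


def canonical(payload: dict) -> bytes:
    """Deterministic serialization so both ends sign and verify identical bytes."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign(payload: dict, key: bytes = API_KEY) -> str:
    """Application-layer integrity protection: HMAC-SHA256 over the canonical body."""
    return hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()


def verify(payload: dict, signature: str, key: bytes = API_KEY) -> bool:
    """Far-end check; a False result is how the receiver detects any in-transit edit."""
    return hmac.compare_digest(sign(payload, key), signature)


def gateway_rewrite(value, suffix: str = ".earth"):
    """Models the rewrite the quoted message proposes: append a suffix to the
    hostname of every URL found in any string field, recursing through the
    JSON structure. It has no key, so it cannot produce a fresh valid signature."""
    if isinstance(value, str):
        return URL_RE.sub(lambda m: m.group(0) + suffix, value)
    if isinstance(value, list):
        return [gateway_rewrite(v, suffix) for v in value]
    if isinstance(value, dict):
        return {k: gateway_rewrite(v, suffix) for k, v in value.items()}
    return value  # numbers, booleans, None pass through untouched


def run_demo() -> dict:
    """Sign a constructed payload, push it through the gateway, verify both copies."""
    payload = {"callback": "https://api.example.com/v1/hook", "amount": 42}
    signature = sign(payload)            # produced by the originating client
    rewritten = gateway_rewrite(payload)  # what the far side actually receives
    return {
        "original_verifies": verify(payload, signature),    # True
        "rewritten_verifies": verify(rewritten, signature),  # False: tamper detected
        "rewritten_callback": rewritten["callback"],
    }


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

The receiver cannot distinguish this well-meant rewrite from hostile tampering; both simply fail verification, which is the behaviour an integrity check is supposed to have. A body that is encrypted at the message level (an encrypted email or document) does not even expose a hostname for the regular expression to find, so the rewrite would have nothing to act on there.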