Re: [DNSOP] DNS privacy draft

Stephane Bortzmeyer <bortzmeyer@nic.fr> Tue, 03 December 2013 22:23 UTC

On Mon, Dec 02, 2013 at 01:13:26PM -0500,
 Warren Kumari <warren@kumari.net> wrote 
 a message of 35 lines which said:

> > OK. And do note "chaff" may be a by-product of
> > draft-wkumari-dnsop-hammer.
> 
> Um, please explain.
> 
> Hammer (and the various similar, actually implemented things) simply
> trigger lookups a few seconds before the TTL would naturally expire
> *in response to an incoming query*.

OK, I was too fast, sorry. Hammer itself does not scramble the stream
of requests. So, I withdraw the reference to Hammer.

Still, sending gratuitous queries, without an incoming query and
without waiting for the expiration, may be a good strategy for a
resolver to make traffic analysis more difficult for the eavesdropper
(or for the authoritative name servers).
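
The difference discussed in this message, as an added example that is not part of the original post or of any draft: a simplified one-name resolver model comparing what an upstream observer sees when refreshes are triggered by incoming queries versus sent gratuitously on a jittered timer. The strategy names, the jitter range, the 5-second window and the sample client times are assumptions of this example; "hammer" is modelled only as the quoted text describes it, and the name is assumed to be one the resolver already keeps warm.

```python
import random

def upstream_queries(client_times, ttl, horizon, strategy, seed=0, window=5):
    """Times (seconds) at which the resolver queries upstream for one name.

    demand:     fetch only when a client asks and nothing valid is cached
    hammer:     demand, plus a refresh when a client asks within `window`
                seconds of expiry (as described in the quoted text)
    gratuitous: jittered timer-driven refresh, no incoming query needed
    """
    rng = random.Random(seed)        # seeded so the run is reproducible
    clients = set(client_times)
    sent, expires, next_refresh = [], None, 0
    for t in range(horizon):
        if strategy == "gratuitous":
            fetch = t >= next_refresh
        elif t in clients:
            expired = expires is None or t >= expires
            near = strategy == "hammer" and not expired and expires - t <= window
            fetch = expired or near
        else:
            fetch = False
        if fetch:
            sent.append(t)
            expires = t + ttl
            # Refresh again at a random point before the record expires.
            next_refresh = t + rng.randint(ttl // 2, ttl - 1)
    return sent

def coincidence(sent, client_times):
    """Fraction of upstream queries sent in the same second as a client query."""
    clients = set(client_times)
    return sum(t in clients for t in sent) / len(sent) if sent else 0.0

# Constructed sample input: two client activity patterns for the same name.
BUSY = [3, 40, 58, 61, 130, 200]
IDLE = []

if __name__ == "__main__":
    for strategy in ("demand", "hammer", "gratuitous"):
        for label, pattern in (("busy", BUSY), ("idle", IDLE)):
            sent = upstream_queries(pattern, ttl=60, horizon=300, strategy=strategy)
            print(f"{strategy:10} {label}: {sent} "
                  f"coincidence={coincidence(sent, pattern):.2f}")
```

In the demand and hammer runs every upstream query lines up with a client query, so the upstream stream mirrors client activity; in the gratuitous run the stream is identical whether clients are busy or idle.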