Re: [DNSOP] some random dnse-triggered thoughts

Jelte Jansen <jelte.jansen@sidn.nl> Wed, 05 March 2014 15:03 UTC

Message-ID: <53173CA2.1080507@sidn.nl>
Date: Wed, 05 Mar 2014 15:02:58 +0000
From: Jelte Jansen <jelte.jansen@sidn.nl>
To: João Damas <joao@bondis.org>
References: <B63680DF-C56B-4AEB-9F76-A01FA2625D32@hopcount.ca> <20140305141235.GA17117@laperouse.bortzmeyer.org> <837FE9BE-1EC4-4E2B-97F3-7C123F25BB55@bondis.org>
In-Reply-To: <837FE9BE-1EC4-4E2B-97F3-7C123F25BB55@bondis.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/audIYzK6otiBvMOuR2-1szz2eCw
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>, Joe Abley <jabley@hopcount.ca>
Subject: Re: [DNSOP] some random dnse-triggered thoughts

On 03/05/2014 02:40 PM, João Damas wrote:
> 
> perhaps there is a need to separate the problem into tractable
> chunks. For the part of the problem about authenticating the
> recursive resolver (the fake 8.8.8.8 problem) we probably need a
> different solution than for the metadata snooping problem (who is
> asking for what). Perhaps it might be the case there are already
> existing features that can be used to get what we need (e.g. SIG(0)
> for the recursive resolver, wild!) and, as Roy Arends was
> mentioning over a few drinks, onion-like routing to separate the
> who from the what in questions in an effective manner. These could
> even be user-triggered on demand for certain traffic types (for
> instance as a consequence of turning on private browsing in a
> browser), so the overhead penalties are only incurred for the
> desired subset of traffic.
> 

+1. I don't want to fight about requirements for 10 years, and it does
look like there are different and competing views as to what
constitutes confidentiality here. So a split into several problems,
which can have shared or separate solutions, seems like a good start.

Jelte