[DNSOP] DNS privacy and AS 112: the case of home.arpa

Stephane Bortzmeyer <bortzmeyer@nic.fr> Mon, 11 December 2017 09:01 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ehV3rwKvmSOBpBrL29JdIsmwICo>

During the discussions about draft-bortzmeyer-dname-root or about
draft-wkumari-dnsop-internal, there have been many remarks about the
risk for privacy if we delegate things to AS 112: unlike the root (or
.arpa), AS 112 is managed by many different people we don't know and
cannot know. So, leaked requests are more at risk of surveillance with
AS 112.

But I notice that draft-ietf-homenet-dot, currently in the RFC Editor
queue, delegates home.arpa to AS 112, in its section 7 (unless I'm
wrong, it will be the first delegation to the new AS 112, the one with
DNAME, described in RFC 7535).

Does it mean the privacy problem is solved? Or simply overlooked? Can
we delegate RFC 6761 special-use domains such as .internal to AS 112?