[DNSOP] DNS privacy and AS 112: the case of home.arpa
Stephane Bortzmeyer <bortzmeyer@nic.fr> Mon, 11 December 2017 09:01 UTC
Return-Path: <bortzmeyer@nic.fr>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB44D1200F3 for <dnsop@ietfa.amsl.com>; Mon, 11 Dec 2017 01:01:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rYuo9TuU36oX for <dnsop@ietfa.amsl.com>; Mon, 11 Dec 2017 01:00:54 -0800 (PST)
Received: from mx4.nic.fr (mx4.nic.fr [IPv6:2001:67c:2218:2::4:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3106A1287A0 for <dnsop@ietf.org>; Mon, 11 Dec 2017 01:00:54 -0800 (PST)
Received: from mx4.nic.fr (localhost [127.0.0.1]) by mx4.nic.fr (Postfix) with SMTP id 1543B2816FD for <dnsop@ietf.org>; Mon, 11 Dec 2017 10:00:52 +0100 (CET)
Received: by mx4.nic.fr (Postfix, from userid 500) id 1043C28171A; Mon, 11 Dec 2017 10:00:52 +0100 (CET)
Received: from relay01.prive.nic.fr (relay01.prive.nic.fr [IPv6:2001:67c:2218:15::11]) by mx4.nic.fr (Postfix) with ESMTP id D59DC2816FD for <dnsop@ietf.org>; Mon, 11 Dec 2017 10:00:51 +0100 (CET)
Received: from b12.nic.fr (b12.tech.ipv6.nic.fr [IPv6:2001:67c:1348:7::86:133]) by relay01.prive.nic.fr (Postfix) with ESMTP id D28F76427BE0 for <dnsop@ietf.org>; Mon, 11 Dec 2017 10:00:51 +0100 (CET)
Received: by b12.nic.fr (Postfix, from userid 1000) id C4DC640044; Mon, 11 Dec 2017 10:00:51 +0100 (CET)
Date: Mon, 11 Dec 2017 10:00:51 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: dnsop@ietf.org
Message-ID: <20171211090051.qjoruin7nkdjsnvd@nic.fr>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
X-Operating-System: Debian GNU/Linux 9.2
X-Kernel: Linux 4.9.0-3-amd64 x86_64
X-Charlie: Je suis Charlie
Organization: NIC France
X-URL: http://www.nic.fr/
User-Agent: NeoMutt/20170113 (1.7.2)
X-Bogosity: No, tests=bogofilter, spamicity=0.000019, version=1.2.2
X-PMX-Version: 6.0.0.2142326, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2017.12.11.85116
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ehV3rwKvmSOBpBrL29JdIsmwICo>
Subject: [DNSOP] DNS privacy and AS 112: the case of home.arpa
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Dec 2017 09:01:02 -0000
During the discussions about draft-bortzmeyer-dname-root or about draft-wkumari-dnsop-internal, there have been many remarks about the risk for privacy if we delegate things to AS 112: unlike the root (or .arpa), AS 112 is managed by many different people we don't know and cannot know. So, leaked requests are more at risk of surveillance with AS 112. But I notice that draft-ietf-homenet-dot, currently in the RFC Editor queue, delegates home.arpa to AS 112, in its section 7 (unless I'm wrong, it will be the first delegation to the new AS 112, the one with DNAME, described in RFC 7535). Does it mean the privacy problem is solved? Or simply overlooked? Can we delegate RFC 6761 special-use domains such as .internal to AS 112?
- [DNSOP] DNS privacy and AS 112: the case of home.… Stephane Bortzmeyer
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Paul Vixie
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Stephane Bortzmeyer
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Paul Vixie
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Joe Abley
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Mark Andrews
- Re: [DNSOP] [Ext] Re: DNS privacy and AS 112: the… Kim Davies
- Re: [DNSOP] [Ext] DNS privacy and AS 112: the cas… Mark Andrews
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Ted Lemon
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Stephane Bortzmeyer
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Joe Abley
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Mark Andrews
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Ted Lemon
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Joe Abley
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Joe Abley
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Mark Andrews
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Joe Abley
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Ted Lemon
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Mark Andrews
- Re: [DNSOP] DNS privacy and AS 112: the case of h… Stephane Bortzmeyer