Re: [DNSOP] private-use in-meeting chat comments

Tony Finch <dot@dotat.at> Fri, 20 November 2020 00:10 UTC

Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF2273A0E52; Thu, 19 Nov 2020 16:10:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id t1wuGy9noGz4; Thu, 19 Nov 2020 16:10:15 -0800 (PST)
Received: from ppsw-40.csi.cam.ac.uk (ppsw-40.csi.cam.ac.uk [131.111.8.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 45CB43A0E4B; Thu, 19 Nov 2020 16:10:15 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:46226) by ppsw-40.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.138]:25) with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) id 1kfu0D-000WzX-m4 (Exim 4.92.3) (return-path <dot@dotat.at>); Fri, 20 Nov 2020 00:10:13 +0000
Date: Fri, 20 Nov 2020 00:10:13 +0000
From: Tony Finch <dot@dotat.at>
To: Eric Orth <ericorth=40google.com@dmarc.ietf.org>
cc: "dnsop@ietf.org WG" <dnsop@ietf.org>, Brian Dickson <brian.peter.dickson@gmail.com>
In-Reply-To: <CAMOjQcEO=qQhk8y4u7e7oVRfqH_YiaDg9=oZVxD4vkrNR1SKnQ@mail.gmail.com>
Message-ID: <alpine.DEB.2.20.2011200001260.26481@grey.csi.cam.ac.uk>
References: <CAH1iCirk5X9xOFmABQU9X9G92eQrePPuOwgXVHd4zza4kK9SwA@mail.gmail.com> <alpine.DEB.2.20.2011172127200.9850@grey.csi.cam.ac.uk> <CAMOjQcEO=qQhk8y4u7e7oVRfqH_YiaDg9=oZVxD4vkrNR1SKnQ@mail.gmail.com>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/zAUEtaZ6iY2e7Yed9IDSI1KZqKs>
Subject: Re: [DNSOP] private-use in-meeting chat comments
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Nov 2020 00:10:17 -0000

Eric Orth <ericorth=40google.com@dmarc.ietf.org> wrote:
> On Tue, Nov 17, 2020 at 4:46 PM Tony Finch <dot@dotat.at> wrote:
> >
> > There's also a privacy leak: if you assign a unique subdomain then when a
> > device roams and leaks queries for the private domain, the device can be
> > tracked and correlated with other devices that use the same private
> > domain.
> >
>
> What if, in whatever hypothetical solution is using this, it is reasonable
> for devices to always regenerate the names they are using on changing
> networks? At least in such hypothetical cases, it seems the privacy danger
> would be significantly mitigated, right? (Maybe we're getting too far into
> unknown hypotheticals without finding actual usecases or implementors that
> want this.)

Ah, oops, I need to clarify: the private domain might be a per-CPE domain
or an enterprise internal domain; the device is someone's phone or laptop
which roams between multiple networks. The private domain is handed to the
roaming device, and the device doesn't know (isn't told, and can't be told
with current protocols) that the domain name is supposed to be private to
the network. So the device is likely to keep asking about names of
services in the private domain regardless of the network it is connected
to, and thereby leak private information.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Southeast Iceland: Southeasterly 6 to gale 8, decreasing 4 or 5, then becoming
cyclonic 7 to severe gale 9, occasionally storm 10 later in south. Rough or
very rough, becoming high or very high later in south. Rain, squally showers
later. Moderate or good, becoming moderate or poor.