IETF Logo Mail Archive

Re: [dnssd] Confirming consensus from DNSSD Privacy discussion in Bangkok

Christopher Wood <christopherwood07@gmail.com> Thu, 28 February 2019 02:04 UTC

Return-Path: <christopherwood07@gmail.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 86D3B130EE0 for <dnssd@ietfa.amsl.com>; Wed, 27 Feb 2019 18:04:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.748
X-Spam-Level:
X-Spam-Status: No, score=-1.748 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qnjZSp7SNW_o for <dnssd@ietfa.amsl.com>; Wed, 27 Feb 2019 18:04:39 -0800 (PST)
Received: from mail-yw1-xc29.google.com (mail-yw1-xc29.google.com [IPv6:2607:f8b0:4864:20::c29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2CB6C130ED1 for <dnssd@ietf.org>; Wed, 27 Feb 2019 18:04:39 -0800 (PST)
Received: by mail-yw1-xc29.google.com with SMTP id u200so9839932ywu.10 for <dnssd@ietf.org>; Wed, 27 Feb 2019 18:04:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5N7xhyYfxwr+6BdNs7x3D7mby40K+Cwueq4ielx+eaM=; b=nZPaa2D5YlBKOe5ea7oQZG4pbnLyAeS0OLy7yDjQLGDxg42FHa/0iyCjBciWFBeXAx Gwa+288qOef9n1Z3wsEOIStWrXSrtFM9BoFeFxFU+prnW5y7bMtQuPn3lHrXqapcPXxq ZEnOrHMCaEt+p+HW50pW3D2W8JCi3rWKaOBB9xT45qKCgc2pVkegnoQIQ3E0h6dGz+hD UIxun/Fad7pukCOAo6bgWK53Gx88AAVxoD7IRWR3lH9OQLQzb+b5gxUfTP9In7FpNqye qS6QBHLwiQ00rN3Cis68SQbyHwKnt7OtQTgS2buwShkpM26WEirzKmVgIvoaaqQm1dKz bSIg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5N7xhyYfxwr+6BdNs7x3D7mby40K+Cwueq4ielx+eaM=; b=GWtAYCS6tGYmjVSUtMvir7Lgq7BTLO8VN+F9VvCbXAgtzS4FarCpBGHOuZiV0JPKYA tGAwahP/g2dY/tElU93rbfUQKe6Nvr7cDxDWb300nqhCyHruLqutggRJW1sWIA2JRM2A Vy3JIRCCHOnz9we5sLhtUagAnBm4Xq0qouQKekniCnk+IelvFBzjSRZksId5+sdkO000 QH79ImUBPyJl8Ldi5tobROy2LMEuZ63NJlnQzFWQCvTwf3enH5SSyHnPsrs+yqL/J83i mkjmINR/PSCYWfx6QUXOHaHHbDPIDHgidKBHurGV9yQFQzMm/YU+Im1uQExF5HechdjF rREw==
X-Gm-Message-State: AHQUAua5fMs9wDfgK1eN0PCaodz3b6A/5HlwGjVBKqwj3MVesUuX7kTR AYhWTBU8BRtAlYsHAihSm4LPT+FeapJ25HbE7wk=
X-Google-Smtp-Source: AHgI3IbHfDR6+eF8plj3TEoXUMnP/qVXHu19+77Ne5iyWcqop2/EpAP6ydCENH30wD0Oc5eDY/TQ1wUcrFcjlJzuMv0=
X-Received: by 2002:a0d:edc3:: with SMTP id w186mr3771186ywe.301.1551319478118; Wed, 27 Feb 2019 18:04:38 -0800 (PST)
MIME-Version: 1.0
References: <CAPDSy+6YyW_G7uwfwGPv1KLtJqL96dZ87R-5pnmmffEEniTigg@mail.gmail.com> <47A82E32-32B9-476F-AB79-76C8D182624F@apple.com> <CAO8oSXkGAErtKQgMGGT+88PY4Y+wJ_6Rz493exaymZ_L8F4FNg@mail.gmail.com> <CAPDSy+68V=rx8cAbVq6rKxNbb9yHisCCPURwHoLKsA179NooLw@mail.gmail.com> <e9b4900d-94e3-c79a-2a72-e2f996663b9d@huitema.net> <CAPDSy+4d27SQCStGzPpzzv=pjGiCM+0df988BesRGHdV_vvteA@mail.gmail.com> <CAO8oSXnXre29hjbNCZ1N7b8VBRMubS1yO5_XXr7VY2yxzNAWGw@mail.gmail.com> <1fc0ba86-2619-6efb-5e89-aa0a025c998e@huitema.net> <CAO8oSX=rWYxkKq0H5dEJDKq_Hs3tH2gqSxQ-Cr_SaHDPkrvvCA@mail.gmail.com> <CAO8oSXkfszNXUT6gr1G2OEWgJXe-cX_S4yAJmLm5sUqN0SQ54w@mail.gmail.com> <CAPDSy+7UvYdNOeYZg-R2b+eXuvGNMguXDWtkKgotVpLP5YPk4g@mail.gmail.com> <3d4d353e-5cb5-e35f-fc31-db819b4b2506@huitema.net> <CAO8oSX=9Fi60GigVWgCRkLXxwgF8aD1BveVNicz6_m5S-MQnYg@mail.gmail.com> <867b0844-ddf2-a7d1-4b3c-166fb4770e2d@huitema.net>
In-Reply-To: <867b0844-ddf2-a7d1-4b3c-166fb4770e2d@huitema.net>
From: Christopher Wood <christopherwood07@gmail.com>
Date: Wed, 27 Feb 2019 18:04:26 -0800
Message-ID: <CAO8oSXmKwA6yE3A_OczjCBSvLwm1jqT3dEDNGzAB88ZM785+CQ@mail.gmail.com>
To: Christian Huitema <huitema@huitema.net>
Cc: Bob Bradley <bradley@apple.com>, DNSSD <dnssd@ietf.org>, David Schinazi <dschinazi.ietf@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000006d2cc30582eab612"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/6POF0_J0LgvXWOlUG-A3cM2F-pI>
Subject: Re: [dnssd] Confirming consensus from DNSSD Privacy discussion in Bangkok
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Feb 2019 02:04:42 -0000

On Wed, Feb 27, 2019 at 5:58 PM Christian Huitema <huitema@huitema.net>
wrote:

>
> On 2/27/2019 5:40 PM, Christopher Wood wrote:
>
> On Wed, Feb 27, 2019 at 5:37 PM Christian Huitema <huitema@huitema.net> <huitema@huitema.net> wrote:
>
> On 2/27/2019 4:48 PM, David Schinazi wrote:
>
> <chair hat off>
> Given that our main target is local networks, I personally believe spending an extra round trip to prevent dictionary attacks sounds worth it.
>
> I am thinking of using the ESNI extension, or developing a very similar extension specifically for the purpose of private discovery. The ESNI extension format is defined in https://datatracker.ietf.org/doc/draft-ietf-tls-esni/?include_text=1 as:
>
>       struct {
>           CipherSuite suite;
>           KeyShareEntry key_share;
>           opaque record_digest<0..2^16-1>;
>           opaque encrypted_sni<0..2^16-1>;
>       } ClientEncryptedSNI;
>
> The service name is encrypted, but we would have to do something to not reveal the hash of the key in the "record digest".
>
> This seems to highlight my main reservation about the 1-RTT approach.
> I think we ought not to complicate things and just pay the round trip.
>
> My priority there is not the 1 RTT design, but rather the integration with
> TLS. I don't like coming up with a new crypto protocol, even when using
> well known patterns.
>

That’s a fair concern. Note that I’m not advocating for something that’s
not TLS. I’m simply advocating for something that’s not one stage.

As for the complication, the only requirement is to omit the record_digest,
> or redefine it to include a nonce. Apart from that, the prototype can just
> reuse the existing code.
>

The record digest is required to prevent downgrade attacks in the normal
ESNI case. Depending on how the keys are installed, it may be fine to omit
here.

Can you please be specific for how you expect this optional nonce to work?
It would help this discussion, I think.

Thanks,
Chris

v2.23.0 | Report a Bug | By Email