Re: [dnssd] I-D Action: draft-huitema-dnssd-privacy-00.txt
"Christian Huitema" <huitema@huitema.net> Thu, 24 March 2016 05:46 UTC
Return-Path: <huitema@huitema.net>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8341512D775 for <dnssd@ietfa.amsl.com>; Wed, 23 Mar 2016 22:46:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cB0le6pCJrAA for <dnssd@ietfa.amsl.com>; Wed, 23 Mar 2016 22:46:25 -0700 (PDT)
Received: from xsmtp02.mail2web.com (xsmtp02.mail2web.com [168.144.250.215]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 856DC12D52F for <dnssd@ietf.org>; Wed, 23 Mar 2016 22:46:25 -0700 (PDT)
Received: from [10.5.2.14] (helo=xmail04.myhosting.com) by xsmtp02.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1aiy67-0005LK-Kj for dnssd@ietf.org; Thu, 24 Mar 2016 01:46:24 -0400
Received: (qmail 31754 invoked from network); 24 Mar 2016 05:46:18 -0000
Received: from unknown (HELO huitema1) (Authenticated-user:_huitema@huitema.net@[24.16.156.113]) (envelope-sender <huitema@huitema.net>) by xmail04.myhosting.com (qmail-ldap-1.03) with ESMTPA for <alf@istumbler.net>; 24 Mar 2016 05:46:17 -0000
From: Christian Huitema <huitema@huitema.net>
To: 'Alf Watt' <alf@istumbler.net>
References: <20160310013909.9336.65458.idtracker@ietfa.amsl.com> <7E27ED38-3858-4080-A31E-2116EA2DD436@ecs.soton.ac.uk> <EMEW3|53a64596503ce821209d6d873fee625as2GNBl03tjc|ecs.soton.ac.uk|7E27ED38-3858-4080-A31E-2116EA2DD436@ecs.soton.ac.uk> <055301d184bc$11a0e450$34e2acf0$@huitema.net> <620719BD-01B1-426C-8FAC-09C615DFBF7C@istumbler.net> <FC9530D1-C66A-4A63-B62C-6D98EB8E2E9C@istumbler.net>
In-Reply-To: <FC9530D1-C66A-4A63-B62C-6D98EB8E2E9C@istumbler.net>
Date: Wed, 23 Mar 2016 22:46:16 -0700
Message-ID: <020c01d18590$7c59a690$750cf3b0$@huitema.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQIT3HtUSd1CzI+WTk3PSxCkI12h1wJZ1p8tAxB9ygAB+k+JcwIVaXVYAo4RXfqegx+gUA==
Content-Language: en-us
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnssd/8CJqBFdGW_3bKIJoFXdVvTF2eC4>
Cc: dnssd@ietf.org
Subject: Re: [dnssd] I-D Action: draft-huitema-dnssd-privacy-00.txt
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Discussion of extensions to Bonjour \(mDNS and DNS-SD\) for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 05:46:27 -0000
On Wednesday, March 23, 2016 5:37 PM, Alf Watt wrote: > ... > For most users a single security posture or group membership won't be > adequate. Some services may be private (synch with a phone, for e.g.), some > shared with work mates (file and screen sharing), some with family (game and > content sharing), while others are public, the service advertising stack will > have to keep track of the difference and advertise and browse as appropriate. Fair point. I am mostly concerned with the use case of several devices roaming together, typically phone and laptop or tablet, and then of work mates travelling together. We certainly need to work on the usage scenario and the UI implications. > - Yes, the concern is privacy in multicast environments, so I suggest the title > change to reflect that. Strictly speaking any kind of DNS message send over > mDNS is leaking information, but we only expect to see the SD, name and > address resolution messages associated with DNS-SD Multicast is certainly the first concern. I do not believe that people are actually using server-based resolution in Wi-Fi hot spots. > - 4.1: if the party is concerned they MAY use a random host name, if privacy is > required they MUST Yes. The MAY is my awkward attempt at providing 2 ways of doing that. > - the goal is to advertise services in such a way that hosts not implementing > the updated protocol will not see them, this suggests using a new protocol > and port to differentiate traffic, allow for a secure protocol design and avoid > obfuscation and name mangling That's certainly an option. But at the same time, there is value in reusing as much infrastructure as possible. > - as you are proposing a shared key solution, there should be some proposal > for key sharing and exchange Agreed. I wanted to have first a discussion of the concept. > - this moves the solution towards Bluetooth style link-key exchange pairing > model of security for local services. It's probably worth reviewing those > protocols to see if one can be reused for this purpose. Bluetooth style pairing is certainly one way. I should really have added a link to the BT LE spec, and its address obfuscation mechanism. But then, pairing is certainly not the only way to do that. We could also use "cloud based" mechanism, of the kind used to synchronize multiple device with the same owner. > - as suggested, only a single key and therefore a single 'kin' group[1] per > device would be supported That would be adequate for the "laptop and phone" scenario. Not so much for the "work mates" scenario. > - consider using a one-time key to protect the payload of an mDNS packet, > and wrapping that key in one or more 'kin' group keys to allow a single > service to be advertised to multiple groups: > > [mDNS message encrypted with K] > [K encrypted with G1] > [K encrypted with G2] > [etc.] Yes, that's the other possible design -- running encrypted MDNS on a separate port. It is a different tradeoff. Obfuscation allows reuse of the "low level" mechanisms, and places the burden entirely at the user interface. Encryption makes the interface implementation easier, but requires different ports, sending systems, etc. I believe the user-interface solution is easier to implement and less error prone. > - note that this allows for privately advertising the true host name and makes > browsing requests private as well (only a kin will be able to unwrap the on- > time-key and see the service type requested). That would work, as long as the names do not leak from the "encrypted MDNS" to the "clear text MDNS." If MDNS is configured with an obfuscated host name, it will not leak when if an active attacker does an active search for the clear-text name. -- Christian Huitema
- [dnssd] Fwd: I-D Action: draft-huitema-dnssd-priv… Tim Chown
- Re: [dnssd] I-D Action: draft-huitema-dnssd-priva… Christian Huitema
- Re: [dnssd] I-D Action: draft-huitema-dnssd-priva… Alf Watt
- Re: [dnssd] I-D Action: draft-huitema-dnssd-priva… Tom Pusateri
- Re: [dnssd] I-D Action: draft-huitema-dnssd-priva… Alf Watt
- Re: [dnssd] I-D Action: draft-huitema-dnssd-priva… Christian Huitema
- Re: [dnssd] I-D Action: draft-huitema-dnssd-priva… Alf Watt