[dnssd] Confirming consensus from DNSSD Privacy discussion in Bangkok

David Schinazi <dschinazi.ietf@gmail.com> Thu, 15 November 2018 01:37 UTC

From: David Schinazi <dschinazi.ietf@gmail.com>
Date: Wed, 14 Nov 2018 17:37:00 -0800
Message-ID: <CAPDSy+6YyW_G7uwfwGPv1KLtJqL96dZ87R-5pnmmffEEniTigg@mail.gmail.com>
To: DNSSD <dnssd@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/8TyDpW_lgBumP0g9zTV-12ATDmQ>

Hello everyone,

In the room at IETF 103, there was a very productive discussion about DNSSD
privacy:
https://www.youtube.com/watch?v=hPuTD19R-uQ&t=28m43s

During that discussion, the room reached consensus on the following items:

1) single-stage approach -- Up until now, we were considering two
approaches: single-stage (send encrypted and authenticated service
identifier, receive encrypted and authenticated service response) and
two-stage (send encrypted and authenticated identifier, receive encrypted
and authenticated response, derive secrets, send and receive subsequent
queries encrypted using derived secrets). There was consensus in the room
to go with the single-stage approach.

2) Use of TLS -- The single-stage approach no longer requires a key
exchange mechanism such as TLS. There was consensus in the room that we do
not need TLS as part of this protocol.

3) Evolution of documents -- It was proposed that we would take all input
and compound it into a single document and only advance that one. We will
use draft-ietf-dnssd-privacy since that document has already been adopted
by the working group. Christian Huitema has offered for Bob Bradley to join
as co-author if Bob would like.

If you disagree with any of these points, please say so before 2018-12-02.

Thanks,
David