[dnssd] Review of draft-sctl-advertising-proxy-02

Esko Dijk <esko.dijk@iotconsultancy.nl> Mon, 22 November 2021 14:57 UTC

Return-Path: <esko.dijk@iotconsultancy.nl>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5D7F3A0BE1; Mon, 22 Nov 2021 06:57:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=iotconsultancy.nl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZcpNvKxkecfr; Mon, 22 Nov 2021 06:57:18 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2100.outbound.protection.outlook.com [40.107.20.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0F0053A0BDD; Mon, 22 Nov 2021 06:57:13 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=X57k22Kr5X3k2+fidLqqcleSCKTVj9oGu8FuqK9y253Tb/H/vg9iCw0Rt9Jlx0xdqdXpymh+HbTfUgHL0edLLrvHR2pFbTVF3WiKyJeQj737HJFahmoJM1osituN7WBLP1eg8GdznRrydLXHDBTRqFNzUY1tQlBk7x5wnWLL62zyqeq+r2+LVApTE++eVUZJrGP9rlAkPQHxplTUvgkWYJvF60XGgqTZ8ei2DkXqfXSGpW24P5Bym5G/l55UULGyn0/9vOr7EhSmxF1wdRp1J9L5q5+7P2z8C7nhiouV1SGPuvH2Oc0LShiLa5z69MsqChsFklVfwkdXQJ8VZuvr5A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=MHyVpF6ziYohZ29YWtRLyjYPVTP9OFPg63fTAPPUTBM=; b=btFryuamvmtFjW4ef9eZ8ADXqYDMChCKDwEhBcfaDGH9d8mwV4Hu4SlgGw4cWbO5SfOX8NI70lWit3RJwYUNLyrFZxzD173BddtE6otqhmFVM6AQs7fgQyHyFEXd8cZDmCJgFjqv9dYLIvFSnmGb8jYNyskRFcC2QgPYYSH6imLqsB0QEMqwZtqIX0LCVRS4jABa8Fpf8x7ZboG2Pec1cQoELA7YRxBYrUmiwdAEKP5StJcVxs2gzbKxtiiT9RnAtu0vJXOE8IhwggBwNoFARx+hQSmFn+SSZY17O1m8v/SeCi6XxFyUFGEQl00MLf1A/Kh3X6itQ6DGAPGPP5/15Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=iotconsultancy.nl; dmarc=pass action=none header.from=iotconsultancy.nl; dkim=pass header.d=iotconsultancy.nl; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iotconsultancy.nl; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=MHyVpF6ziYohZ29YWtRLyjYPVTP9OFPg63fTAPPUTBM=; b=p7hf23EiNZXJxI9Hi6gbQE2sBqe8yd2wo6OjNqef91Ua8++3vEBwO9alugY6aRtiVJdvpAllhwZ0drVpgb7oRinwahT7H9vDWfjdqeslLKMyE/CPDSEwp7mGPoxaf+HARD+5WIpQh2xOqjIt916pyxIusy+7Apiwp6ULKsrOUwo=
Received: from AM8P190MB0979.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:1d3::8) by AM0P190MB0708.EURP190.PROD.OUTLOOK.COM (2603:10a6:208:198::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4713.19; Mon, 22 Nov 2021 14:57:06 +0000
Received: from AM8P190MB0979.EURP190.PROD.OUTLOOK.COM ([fe80::c41d:c9d6:d8c7:65c8]) by AM8P190MB0979.EURP190.PROD.OUTLOOK.COM ([fe80::c41d:c9d6:d8c7:65c8%7]) with mapi id 15.20.4713.025; Mon, 22 Nov 2021 14:57:06 +0000
From: Esko Dijk <esko.dijk@iotconsultancy.nl>
To: "dnssd@ietf.org" <dnssd@ietf.org>
CC: "draft-sctl-advertising-proxy@ietf.org" <draft-sctl-advertising-proxy@ietf.org>
Thread-Topic: Review of draft-sctl-advertising-proxy-02
Thread-Index: Adffr6iR7zvRFWe0ROWNbSbUK9cAmw==
Date: Mon, 22 Nov 2021 14:57:06 +0000
Message-ID: <AM8P190MB09795557BFE320C5F1715E81FD9F9@AM8P190MB0979.EURP190.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=iotconsultancy.nl;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 5456cc8d-8dda-42ec-518f-08d9adc85a0b
x-ms-traffictypediagnostic: AM0P190MB0708:
x-microsoft-antispam-prvs: <AM0P190MB0708249E5E17057C3E01F71EFD9F9@AM0P190MB0708.EURP190.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: EDd5Fg9SpRsel30hNbMtGWGiyF6fqqB7iOMBtVDr6+DJ7S4hkgPx1+cROXv9vgZnnjPW/70TMRQ0ifaiL/DLgRwrgz7MJpYIZ0ifTA0Jz9taD9Sbg2UYFRUq7IDK0j9Zg1WOEkCJv5QjmDV4J8QsJVEZMn7kXQC4zzv+jOUdR3kjZ7QmQqVLMZDWOjmtA9mKAPhKoNbSqCE4df/hFoKiNf3HmWvXkpFzorHkmhlOosv+Qt274YIdKhzkOP25xlfzrOgUPimhml0hIilza4h1EwFto27afVcIBZTH+HYRfh1NQtuve8ql5QrZ/6Zgvv9nM6dh32l1dws1iGRGn7Q3YXWyJ51yYX8TMHqvLK398zdy6YwJv6XMyry8Hje/nKKgUBMsbd/Tvf8YKm0f+uTJAYr1Oiivy1D3fRXrfyQTWA0JPy0FvfNj10N3s04JDCQUOHIJTG/Lzyb2Rt2QX6slNADlW1cV4G9SrX5mfk5jouSRLSBlmr321x8VrGAs1Lj1elLW0mpvsNBCNsFDglJNTaY6xYq4R21k3po9cj7X8IVMKP3Ahd+23zyPQwoCxh5Wd6T8QIvsOzeA9+q31BMla5D+hRLjbXbHMoKwwyCvj0Wa/1Y7sHIqp6deG1Ybs+IFNZLKuYB4ohpVdtgjDhQ0ZU87kuCr95+e7h9Sc2W/xAN0yxKBucUrLHEewmWS59rK0Nju6fZfbjmLGa2RhGHgng==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM8P190MB0979.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(376002)(39830400003)(366004)(396003)(346002)(136003)(2906002)(316002)(450100002)(55016002)(44832011)(71200400001)(4326008)(6506007)(33656002)(508600001)(52536014)(38070700005)(186003)(66556008)(6916009)(5660300002)(8676002)(7696005)(76116006)(83380400001)(122000001)(86362001)(38100700002)(8936002)(66946007)(64756008)(9686003)(66476007)(66446008); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: L0Fi+LosYKEvRpMwiojMzYTcfMVOWx4MZKLT/Duk6VR9VjXkvGW18hitgyXw9CO+oCodfr7DgQXYxvVH6NnpcJff3DLOwm+8ed49/GvOi2lDORNNK0zjgpC9iXpMZ458DqxnPO/NzHhencqVIaPzo/O8aMtNSU8vVdgBNhjCzPVu/cKzIKlBo0jtVTLD0ZM1hSFt+/8nv5u1fN42Gi4jjIqUcgfho7fI1z6fvADjaKczju6b/hrlVvGB/HL3/N8vLZJzfl21WO8Ay/c4Ae7gTHEjAPlEVuxDfDZ8wqyomTGkD+D/RePExrt8QzsLasgwwsvheBTRhLNb1eZ6fkCaiXRzdzl/AYCD0AwkovX7p6wYix3D4s1fZ6agY+WhhY44LyzSP21QKLQaEg1XYqEl6FIRmi1Y7N5R6d9XraTTN/vyUq3F2VNiKwwbi3gGtpxziQ2ViS2OP2oubvU8IiXVwHb4N6OGrhvF0q5IuuPErKDd4rpgbcLdrnGRijR8Glye37X7oDLSvTK0s+IY0syb77dkALCPKPAyZJJw6Dx8lvhXHDwEyGjNVyqMZ4XCZR4LPvFs3cbIa1FSfpg/LCuqkqqh2aGzQxjWMNrHHIq/EQ3tCjdJ8F46BggfQsTY/no2i/4m7ESIqf7hVT9OoTvw4aI/41/9brAy5tGuVE0usET2y52cjMLfPOYOLlZIkYZ1T4T6BKVmhSQfRbBbhy0cNmx5H646LkU8AOZb+Z2PkRwnB7BTNToem4nYKvjKJtVjOxlorCWPDNcQxeFc0N3nNRpj+AAih8E9twxY9lEgSvJUDAVE49oBHdiDwZ+s6S14vYuxtuNstSE2XuxAl0NEnyloSNp7IUXV9TJjGJWR3dHBzuJWP23ReTxm1mwgtILnXxE+9/rUpeyYgy5myHtCIWiK7LUf0w7zOPb1qIME1g92qddCBmAcswFBY6deTylRkryqzbid0O4LUsm3Xm1Zav9rGCvEvBNHTvo4SRIog7Q8vcnTmaDn0BtU8xOTHJTk3ItTyewqEmkBBAZpyrc0yw25DL7eLcOAtgvQW3KDZAIBbAUclOwaegUryToPOCrbUAbe6NH51kpHv6+nq/oskIoj0p9AhIyTLtJy8CwG8+69/bdDcgOh3ae5LzeNAbl9i5GOnUDBdTgEzie8w4bJvxBgypRHEVkDZZAV34HCVYTEq5e2ViZ6SAa2vScE+JFzk7KImFfBPwDXgfX7KTD+HVe6w1+Z0dAxYakBf5KcdKvrZzX9TxUi+wSmNsgkRoWqaJuGRFeoUqOXbVwKqpCLkCbFw1AG2wUpXpfiNluwqmndg5qWxBWN/3NsOBA7WlYyYU8V/tjjuiq++J7sxy/gQuS1tk6ezotLSFRlVxJJBMddfBhkl4jV0rRal7jB+X+3GynyMgPFvYFJIUvtDN57SzoTqJOLIjZAxlUnYsAJkThtHYDqhhSK3pBkA+Dy8JjQuVDFGpF85UQ/2q0eKg654Cm7S6tFRDHcjUvXLZz78M29AgtG8mLs73QLNvgH2VPl8jVUVgNp9Qs+NEq75iLmHGrXBfIFcsKdaZ+spUgNCPzBCSlbkgo38ruODmC0WtR2qQHeXligE4zMtWTj8jeYv1Aw5jDIzok210/yMnK52WY8hzCImeUxFG/irolSaUj0ALemdgXwR/IKs6szEnkL/GgDetrNgWq0HfMy0KQjvb/HRkOkVxs21cRBgCcuznpHlUEPNiOm1hr9pvg3q4IQ0w==
Content-Type: multipart/alternative; boundary="_000_AM8P190MB09795557BFE320C5F1715E81FD9F9AM8P190MB0979EURP_"
MIME-Version: 1.0
X-OriginatorOrg: iotconsultancy.nl
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM8P190MB0979.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 5456cc8d-8dda-42ec-518f-08d9adc85a0b
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Nov 2021 14:57:06.4097 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 58bbf628-15d2-46bc-820b-863b6774d44b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Kes2VWeGUQ9/+6dCbNuzzoaWGLCjXL1GTSEmBTMV1gu1o6+4iqvFTiPF58bd36mEOVkSMeDk+Ll++q2gvvSImMDPqrmphPv0Us5FPztZ37U=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0P190MB0708
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/E5tvkIncypXh5CqzdmcZWDWveKo>
Subject: [dnssd] Review of draft-sctl-advertising-proxy-02
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Nov 2021 14:57:23 -0000

Dear WG/authors,

Here is a review of draft-sctl-advertising-proxy-02. Overall this looks like a useful extension of the SRP server.


*** 1.
reference [MCAST] can be changed to [RFC 9119] now.

*** 2.1
When the client next renews, the service registry informs
   the client of the new name the service registry selected on its
   behalf.  The client can choose to accept that new name, or select a
   new name of its own choosing.
-> This brings up the question how the server (registry) can do this. Maybe this was planned to be added still?  The SRP draft Section 2.2.5.2 just states that the server responds YXDOMAIN. That’s another behavior than what we say here: informing the client of the new name.
That would need some new/additional message or code presumably.

*** 2.1.1

The text in this section suggests that an Advertising Proxy may be configured in one of two 'modes':

  1.  Non-managed namespace; with renaming upon conflicts (default mode; operate as in section 2.1)
  2.  Managed namespace; no renaming upon conflicts (can be configured in some deployments, as needed, as stated in 2.1.1)

It could be helpful to make this more clear by:

  1.  Creating separate subsections for modes 1 and 2 ; e.g. 2.1.1 and 2.1.2.
  2.  Stating that mode 1 is the default
  3.  Stating that mode 2 MAY be implemented in an Advertising Proxy; and if so, it MAY be enabled by an admin.

Networks that use Advertising Proxies
   configured to behave in this way should provide a way to rename the
   device that is suffering the conflict.
-> This looks like a requirement on a 'network' to provide a way to rename a 'device'.  But typically the device picks/selects its own name, or it is commissioned to claim a particular name.   What does the recommendation practically mean, in that case? Do we mean that there should be some setup/commissioning phase procedure in every network to detect conflicts and resolve them by allowing name changes on the devices ? What about conflicts after the installation/commissioning phase?
Or is it only a requirement on the client device to have some means to let an external tool/commissioner change its name?    Or a requirement that the device itself can pick a new name?
It looks like the recommendation here can be made more clear and actionable.

In order to address this problem, it may be advisable to provide with
   a way for the advertising proxy to inform the mDNS service ... detected.
-> can clarify that this is not needed in case of 'mode 1' operation. And that this is a MUST to support 'mode 2' operation.

*** 3

An Advertising Proxy may made data visible to eavesdroppers on the
   configured multicast-capable link(s).
-> Here it would be good to refer to RFC 8882 for an analysis of privacy and security risks of mDNS.  We can mention explicitly that data which was private to the client/server  (e.g. SRP registration over TLS) is now broadcasted in the clear on the mDNS-link.  So it's not "may make data visible" but its core job is to make all that data visible.
Additional consideration/issue here worth mentioning is that the client may not be aware of the fact that its data is going to be sent out via the Advertising Proxy. Because it does not see the difference between a regular SRP server and one with Advertising Proxy.

That said, an SRP client is of course aware that the data about its services is not staying in the server but is meant to be discoverable to any DNS-SD clients. But the fact that now a fully passive eavesdropper can learn this information without doing a query itself would make an attacker less detectable and less traceable so in my opinion still worth mentioning in Section 3.

Regards
Esko


IoTconsultancy.nl  |  Email/Teams: esko.dijk@iotconsultancy.nl