[dnssd] WWDC / Bonjour Privacy

Daniel KAISER <daniel.kaiser@uni.lu> Tue, 11 June 2019 15:13 UTC

To: <dnssd@ietf.org>
References: <1E8281A3-50CD-4526-86D2-A65B4A6C27CF@bangj.com> <80100734-B735-44BC-A3DF-E0EAA279305A@ogud.com> <1E9E1477-1C80-4846-BB2C-1134F3D0865D@fugue.com>
From: Daniel KAISER <daniel.kaiser@uni.lu>
CC: Ted Lemon <mellon@fugue.com>, Christian Huitema <huitema@huitema.net>
Message-ID: <f422e182-c3ab-c4a8-612b-70421e993861@uni.lu>
Date: Tue, 11 Jun 2019 17:13:40 +0200
In-Reply-To: <1E9E1477-1C80-4846-BB2C-1134F3D0865D@fugue.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/RVFSgDx9_ejy63BnXpVZM5e_8eU>
Subject: [dnssd] WWDC / Bonjour Privacy

Regarding the privacy aspects of (m)DNS-SD:
I still think it would be beneficial to finalize a document on a privacy-extension,
and I still want to work on that.

I agree, the lack of feedback within the group is a problem;
we have come up with quite a few different proposals and there is no clear "favorite".
Also, I see the problem that we try to solve too many use cases with a single specification
(p2p mobile devices, classical DNS server, printer, ...).

For P2P applications like the tic-tac-toe example from the WWDC talks,
the PSK could be extracted from the TLS connection and be used to derive a secret
for obfuscating the service related information for the (next) discovery process.
The interface matches the one from our proposal for a DNS-SD/mDNS based
manually authenticated device pairing protocol.
We could either go in the TLS/ESNI direction or stick with our older proposals
and seamlessly integrate a privacy extension into mDNS-SD / Bonjour.

Listening to the great talks by Apple I wonder if Apple is interested in working with us on
a specification that would fit Apple's use cases of Bonjour.

If someone is interested, I would be happy to collaborate.
(However, as I work at a University and the projects I am involved in currently are not
directly related to (m)DNS-SD, the time I can spend on this topic is limited until I find
a matching project.)

Kind regards,
Daniel



On 6/8/19 1:11 AM, Ted Lemon wrote:
> On May 31, 2019, at 8:33 PM, Olafur Gudmundsson <ogud@ogud.com> wrote:
>> I think you are right and with only 2 people interested in the work
>> it is time to close the WG
>
> It is a concern to me that the number of people who are interested in
> this and paying attention to the mailing list and /replying/ seems
> low, but at the same time work is going on to deploy our work in the
> industry. All of the major O.S. vendors support it. One option
> would be to go forward with the remaining work as ISE documents, with
> the potential that the IETF might want to update them later.
>
> I would be curious to know your opinion on this: do you feel that you
> would rather that this stuff not be documented, or are you concerned
> that there aren’t enough people here doing review?

-- 

Dr. Daniel Kaiser
Research Associate
SnT- Interdisciplinary Centre for Security, Reliability and Trust

University of Luxembourg
Maison du Nombre (MNO)
6, avenue de la Fonte
L-4364 Esch-sur-Alzette
Office: E02 0225-010
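
The idea raised in the message above, deriving a secret from an earlier TLS connection and using it to obfuscate service information in the next discovery round, can be sketched as follows. This is an added example, not part of the original post or of any dnssd draft; the HKDF context label, the hourly epoch, the 120-bit truncation and all function names are assumptions, and the TLS-derived secret is a constructed byte string.

```python
import base64
import hashlib
import hmac

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def discovery_key(tls_secret: bytes) -> bytes:
    # Assumed context label; it separates this key from other uses of the secret.
    return hkdf_sha256(tls_secret, b"\x00" * 32, b"example dnssd discovery obfuscation")

def obfuscated_label(key: bytes, instance: str, epoch: int) -> str:
    """Instance label advertised during one epoch in place of the real name."""
    msg = epoch.to_bytes(8, "big") + instance.encode("utf-8")
    tag = hmac.new(key, msg, hashlib.sha256).digest()[:15]  # 120 bits -> 24 chars
    return base64.b32encode(tag).decode("ascii").lower()

def resolve(key, label, known_instances, epoch, skew=1):
    """Map an observed label back to a paired peer, tolerating clock skew."""
    for e in range(max(0, epoch - skew), epoch + skew + 1):
        for name in known_instances:
            if hmac.compare_digest(obfuscated_label(key, name, e), label):
                return name
    return None

# Constructed sample values (not taken from any real session).
SAMPLE_SECRET = bytes(range(32))
SAMPLE_EPOCH = 1560266020 // 3600  # hourly rotation, an assumption

if __name__ == "__main__":
    k = discovery_key(SAMPLE_SECRET)
    label = obfuscated_label(k, "Player One", SAMPLE_EPOCH)
    # The browsing peer's clock is one epoch ahead; it still resolves the label.
    print(label, resolve(k, label, ["Player One"], SAMPLE_EPOCH + 1))
```

Only peers holding the derived key can map a label back to an instance, and because the label changes every epoch, a passive observer cannot link advertisements across epochs by name.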