Re: [dnssd] WWDC / Bonjour Privacy

Daniel KAISER <> Tue, 11 June 2019 18:26 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3C8C912018D for <>; Tue, 11 Jun 2019 11:26:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id DcYt7fKaZ9vi for <>; Tue, 11 Jun 2019 11:26:08 -0700 (PDT)
Received: from ( [IPv6:2001:a18:a:c5::d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id AD19D120099 for <>; Tue, 11 Jun 2019 11:26:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=DKIM; t=1560277567; x=1591813567; h=subject:references:from:cc:to:message-id:date: mime-version:in-reply-to:content-transfer-encoding; bh=mNyIhGekIdO3huf/Coqo2c5Oj5aaPPtxo7N9DZWK5dE=; b=HbjNUX5/Tlm58TDYy07mdvmi6gskOdT6CBFWC384cv/zpQZKridLmXC7 etcGpBESLSvyv6wP8cbbFHH5oEEw5IVMEHbV52Yz666l5pczfHrZL11i/ J/7pB2o5raUDAJwnZSrPMKLMkj/xIezUlkFl1Ytis9TcAghFkL2SNRAtw IkwwHcOWtQBTO+xlZ24Y1/eCFXTsetfhaesO6cxHdZIrmxFGYNIfuTL4R PUPUSX435RIXX3xCU3E7CwLQl4zTX8PlNO9mrOP3/ISibuwG7yEHVqm2F qs7uDQ8tBhwoGNlugBNTppGDkZsJBUX2wnKZSm6xRNS0xXCti3r+pBhL9 Q==;
Authentication-Results:; spf=Fail; dkim=none (message not signed) header.i=none; dmarc=fail (p=none dis=none)
X-IronPort-AV: E=Sophos;i="5.63,362,1557180000"; d="scan'208";a="22103733"
References: <> <> <> <> <>
From: Daniel KAISER <>
CC: Ted Lemon <>, <>, Christian Huitema <>
To: "" <>
Message-ID: <>
Date: Tue, 11 Jun 2019 20:25:58 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Originating-IP: []
X-ClientProxiedBy: Widow2017.uni.lux (2001:a18:a:90::71) To lydia2017.uni.lux (2001:a18:a:90::6f)
Archived-At: <>
Subject: Re: [dnssd] WWDC / Bonjour Privacy
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 11 Jun 2019 18:26:11 -0000

On 6/11/19 5:19 PM, Ted Lemon wrote:
> Thanks, Daniel.   IIRC, some folks at Apple have been involved in working on the spec. 
Sorry, I forgot Bob Bradley is with Apple.
I will ask him and Christian Christian Huitema for a phone conference.
Imho, orally discussing our various approaches while taking Apple's use
cases into consideration
might help progressing and unifying the drafts.
(Most likely, I will not be able to attend the next IETF meeting.)
>   I think part of the radio silence that you’re hearing is that the Apple product cycle is such that the period from March to June is actually a very busy time, and so there just aren’t cycles for IETF between the spring and summer meetings.
>> On Jun 11, 2019, at 11:13 AM, Daniel KAISER <> wrote:
>> Regarding the privacy aspects of (m)DNS-SD:
>> I still think it would be beneficial to finalize a document on a privacy-extension,
>> and I still want to work on that.
>> I agree, the lack of feedback within the group is a problem;
>> we have come up with quite a few different proposals and there is no clear "favorite".
>> Also, I see the problem that we try to solve too many use cases with a single specification
>> (p2p mobile devices, classical  DNS server, printer, ...).
>> For P2P applications like the tic-tac-toe example from the WWDC talks,
>> the PSK could be extracted from the TLS connection and be used to derive a secret for obfuscating the
>> service related information for the (next) discovery process.
>> The interface matches the one from our proposal for a DNS-SD/mDNS based manually authenticated
>> device pairing protocol.
>> We could either go in the TLS/ESNI direction or stick with our older proposals and seamlessly
>> integrate a privacy extension into mDNS-SD / Bonjour.
>> Listening to the great talks by Apple I wonder if Apple is interested in working with us on
>> a specification that would fit Apple's use cases of Bonjour.
>> If someone is interested, I would be happy to collaborate.
>> (However, as I work at a University and the projects I am involved in currently are not directly related
>> to (m)DNS-SD, the time I can spend on this topic is limited until I find a matching project.)
>> Kind regards,
>> Daniel
>> On 6/8/19 1:11 AM, Ted Lemon wrote:
>>> On May 31, 2019, at 8:33 PM, Olafur Gudmundsson < <>> wrote:
>>>> I think you are right and with only 2 people interested in the work it is time to close the WG 
>>> It is a concern to me that the number of people who are interested in this and paying attention to the mailing list and replying seems low, but at the same time work is going on to deploy our work in the industry.   All of the major O.S. vendors support it.   One option would be to go forward with the remaining work as ISE documents, with the potential that the IETF might want to update them later.
>>> I would be curious to know your opinion on this: do you feel that you would rather that this stuff not be documented, or are you concerned that there aren’t enough people here doing review?
>>> _______________________________________________
>>> dnssd mailing list
>>> <>
>>> <>
>> -- 
>> Dr. Daniel Kaiser
>> Research Associate
>> SnT- Interdisciplinary Centre for Security, Reliability and Trust
>> University of Luxembourg
>> Maison du Nombre (MNO)
>> 6, avenue de la Fonte
>> L-4364 Esch-sur-Alzette
>> Office: E02 0225-010

Dr. Daniel Kaiser
Research Associate
SnT- Interdisciplinary Centre for Security, Reliability and Trust

University of Luxembourg
Maison du Nombre (MNO)
6, avenue de la Fonte
L-4364 Esch-sur-Alzette
Office: E02 0225-010