Re: [dnssd] New Version Notification for draft-pusateri-dnsop-private-subdomains-00.txt

Tom Pusateri <pusateri@bangj.com> Tue, 12 March 2019 05:01 UTC

From: Tom Pusateri <pusateri@bangj.com>
Date: Tue, 12 Mar 2019 01:01:28 -0400
References: <155233479715.23070.14580718185398098231.idtracker@ietfa.amsl.com> <84A76287-DBD8-4FC2-ADAC-A3CF822716A4@bangj.com> <15A71FF9-26DB-4404-93F9-64BEA6F4417F@bangj.com>
To: dnssd <dnssd@ietf.org>
In-Reply-To: <15A71FF9-26DB-4404-93F9-64BEA6F4417F@bangj.com>
Message-Id: <3C56750A-0F30-4B22-9C55-C956104CBC64@bangj.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/oIozoINvz72M08VtYPEN3tCCzI0>
Subject: Re: [dnssd] New Version Notification for draft-pusateri-dnsop-private-subdomains-00.txt

Sorry for the noise. The updated version can be found here:

https://github.com/pusateri/draft-pusateri-dnsop-private-subdomains/blob/master/draft-pusateri-dnsop-private-subdomains.txt

I’ll keep tuning it and submit it on 3/23 when draft submission opens up again.

Thanks,
Tom


> On Mar 12, 2019, at 12:21 AM, Tom Pusateri <pusateri@bangj.com> wrote:
> 
> It just occurred to me that I made the solution for query/responses overly complex in order to use caching at existing resolvers. The more obvious and simple solution is to directly query the authoritative servers using signed queries over TLS. This should remove the entire encoding/decoding encrypted resource record text. I don’t think this causes a problem because the number of devices is likely small and the query rate low.
> 
> I’ll push out another version shortly on github but it won’t get published in the internet-draft archive until the freeze is lifted. So keep that in mind if you read this before the -01 version is available.
> 
> Thanks,
> Tom
> 
> 
>> On Mar 11, 2019, at 8:26 PM, Tom Pusateri <pusateri@bangj.com> wrote:
>> 
>> During the re-charter discussion last summer in Montréal, I presented some observations about service discovery to help focus our future work.
>> 
>> 1. We should transition from using mDNS to using unicast DNS when possible for privacy, performance, and resource conservation. When we do use multicast, it should be for initial discovery but not for data transfer.
>> 2. Some services are personal. Some services are meant to be openly shared, some are private.
>> 3. Some services are location dependent but not necessarily network attachment dependent. Think on campus but attached cellular.
>> 
>> The Update proxy that I submitted on 12 Feb is meant to stimulate a discussion for #1.
>> 
>> This drafty draft below is meant for discussion on #2. It describes a method of creating personal subdomains for sharing private services. Unlike some of the other privacy solutions being discussed, it is not intended for use over mDNS but only over unicast DNS. Since it is still a work in progress, it would benefit from some other collaborators and so if you read the draft and have some contributions to make, I would love to work together. Protecting service discovery is not a security solution on its own. It’s just one more piece of the puzzle to not leak private information.
>> 
>> Thanks and see you in Prague.
>> 
>> Tom
>> 
>>> Begin forwarded message:
>>> 
>>> From: internet-drafts@ietf.org
>>> Subject: New Version Notification for draft-pusateri-dnsop-private-subdomains-00.txt
>>> Date: March 11, 2019 at 4:06:37 PM EDT
>>> To: "Tom Pusateri" <pusateri@bangj.com>
>>> 
>>> 
>>> A new version of I-D, draft-pusateri-dnsop-private-subdomains-00.txt
>>> has been successfully submitted by Tom Pusateri and posted to the
>>> IETF repository.
>>> 
>>> Name:		draft-pusateri-dnsop-private-subdomains
>>> Revision:	00
>>> Title:		Private DNS Subdomains
>>> Document date:	2019-03-11
>>> Group:		Individual Submission
>>> Pages:		10
>>> URL:            https://www.ietf.org/internet-drafts/draft-pusateri-dnsop-private-subdomains-00.txt
>>> Status:         https://datatracker.ietf.org/doc/draft-pusateri-dnsop-private-subdomains/
>>> Htmlized:       https://tools.ietf.org/html/draft-pusateri-dnsop-private-subdomains-00
>>> Htmlized:       https://datatracker.ietf.org/doc/html/draft-pusateri-dnsop-private-subdomains
>>> 
>>> 
>>> Abstract:
>>>   This document describes a method of providing private DNS subdomains
>>>   such that each subdomain can be shared among multiple devices of a
>>>   single owner or group.  A private subdomain can be used for sharing
>>>   personal services while increasing privacy and limiting knowledge of
>>>   scarce resources.
>>> 
>>> Please note that it may take a couple of minutes from the time of submission
>>> until the htmlized version and diff are available at tools.ietf.org.
>>> 
>>> The IETF Secretariat
>>> 
>> 
>> _______________________________________________
>> dnssd mailing list
>> dnssd@ietf.org
>> https://www.ietf.org/mailman/listinfo/dnssd
> 
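The "signed queries over TLS" idea in the 12:21 AM message, as an added example that is not from the draft or from anyone in this thread: a Python sketch that TSIG-signs a DNS query (RFC 8945 with HMAC-SHA256, assumed here because the page does not say which signing mechanism the draft uses), verifies it the way an authoritative server would (MAC check plus time window), and applies the two-byte framing DNS over TLS inherits from DNS over TCP (RFC 7858). Key name, shared secret, query name and timestamps are constructed.

```python
import hashlib, hmac, os, struct, time

TSIG_ALG = "hmac-sha256"  # assumed algorithm; the draft's choice is not stated on this page

def encode_name(name):
    """Encode a dotted DNS name into uncompressed wire format."""
    labels = [lab for lab in name.rstrip(".").split(".") if lab]
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"

def build_query(qname, qtype=1, qid=None):
    """Build a minimal DNS query (one question, RD set) in wire format; random ID by default."""
    qid = os.urandom(2) if qid is None else struct.pack("!H", qid)
    header = qid + struct.pack("!HHHHH", 0x0100, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, 1)

def _tsig_variables(keyname, time_signed, fudge):
    # Fields covered by the MAC besides the message itself (RFC 8945 section 4.3.3):
    # key name, CLASS ANY, TTL 0, algorithm name, time signed, fudge, error, other len.
    return (encode_name(keyname) + struct.pack("!HI", 255, 0) + encode_name(TSIG_ALG)
            + time_signed.to_bytes(6, "big") + struct.pack("!HHH", fudge, 0, 0))

def tsig_sign(msg, keyname, secret, time_signed=None, fudge=300):
    """Append a TSIG RR so the authoritative server can authenticate the query."""
    ts = int(time.time()) if time_signed is None else time_signed
    mac = hmac.new(secret, msg + _tsig_variables(keyname, ts, fudge), hashlib.sha256).digest()
    rdata = (encode_name(TSIG_ALG) + ts.to_bytes(6, "big") + struct.pack("!HH", fudge, len(mac))
             + mac + msg[:2] + struct.pack("!HH", 0, 0))  # original ID, error, other len
    rr = encode_name(keyname) + struct.pack("!HHIH", 250, 255, 0, len(rdata)) + rdata
    arcount = struct.unpack("!H", msg[10:12])[0] + 1  # the TSIG RR is counted in ARCOUNT
    return msg[:10] + struct.pack("!H", arcount) + msg[12:] + rr

def tsig_verify(signed, keyname, secret, now=None):
    """Recompute the MAC over the message minus its TSIG RR and check the time window."""
    rr_len = len(encode_name(keyname)) + 10 + len(encode_name(TSIG_ALG)) + 48  # 32-byte MAC
    body, rr = signed[:-rr_len], signed[-rr_len:]
    off = len(encode_name(keyname)) + 10 + len(encode_name(TSIG_ALG))  # start of time signed
    ts = int.from_bytes(rr[off:off + 6], "big")
    fudge, maclen = struct.unpack("!HH", rr[off + 6:off + 10])
    mac = rr[off + 10:off + 10 + maclen]
    arcount = struct.unpack("!H", body[10:12])[0] - 1  # undo the ARCOUNT bump before hashing
    msg = body[:10] + struct.pack("!H", arcount) + body[12:]
    expected = hmac.new(secret, msg + _tsig_variables(keyname, ts, fudge), hashlib.sha256).digest()
    now = int(time.time()) if now is None else now
    return hmac.compare_digest(mac, expected) and abs(now - ts) <= fudge

def frame_for_tls(msg):
    """DNS over TLS (RFC 7858) reuses TCP framing: a two-byte big-endian length prefix."""
    return struct.pack("!H", len(msg)) + msg
```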