IETF Logo Mail Archive

Re: [Doh] [Ext] some privacy ponderings wrt HTTPs and plain DNS

Star Brilliant <m13253@hotmail.com> Tue, 19 June 2018 04:45 UTC

Return-Path: <m13253@hotmail.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A3A5130ED0 for <doh@ietfa.amsl.com>; Mon, 18 Jun 2018 21:45:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.876
X-Spam-Level:
X-Spam-Status: No, score=-0.876 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gpZfrntfxFNa for <doh@ietfa.amsl.com>; Mon, 18 Jun 2018 21:45:16 -0700 (PDT)
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (mail-oln040092011066.outbound.protection.outlook.com [40.92.11.66]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 231F7130EB9 for <doh@ietf.org>; Mon, 18 Jun 2018 21:45:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uiFOf+khB1L0DYkNhmRXAihT0ZwZ7wNzVb3oOKaxNYc=; b=RM9no+rIeIwNSYbKzrTLbO/8I5zp4ZnN6+RtBVHNcP2/bna3+8q/tnVPZRIs21+ZhihfA9sBWfjlHwLmTv3J6Gp16eBHhju0NQVJg8mkdD5dGqDBt6rdbxbQPWM2PY1CHmDKn+GAK8PAiEoAJONZw+fkbz4a1OyksEnZzWroKqsysxMrsiiMC+9zlaRPZGnmvhwv93LdmabZErO0G97PT5MYZoS836FTxnI3Vf2Mk6E4FlTq316V7d9eya05lz+ELJLpATIxe55c8rHdI+yFX0GRY8xdKpxyIcNC+PwE/SbZQrDezuUf5TEDxreqdRn+FIppiOBm9NB+JVLrdVq/1g==
Received: from SN1NAM04FT037.eop-NAM04.prod.protection.outlook.com (10.152.88.55) by SN1NAM04HT142.eop-NAM04.prod.protection.outlook.com (10.152.88.211) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.863.11; Tue, 19 Jun 2018 04:45:14 +0000
Received: from BYAPR19MB2248.namprd19.prod.outlook.com (10.152.88.56) by SN1NAM04FT037.mail.protection.outlook.com (10.152.88.202) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.884.17 via Frontend Transport; Tue, 19 Jun 2018 04:45:14 +0000
Received: from BYAPR19MB2248.namprd19.prod.outlook.com ([fe80::4067:c141:d328:eca3]) by BYAPR19MB2248.namprd19.prod.outlook.com ([fe80::4067:c141:d328:eca3%3]) with mapi id 15.20.0863.016; Tue, 19 Jun 2018 04:45:14 +0000
From: Star Brilliant <m13253@hotmail.com>
To: "doh@ietf.org" <doh@ietf.org>
Thread-Topic: [Doh] [Ext] some privacy ponderings wrt HTTPs and plain DNS
Thread-Index: AQHUB02EGbW+uNcgw02XNu0nBCAwqKRmu9MAgABAyhk=
Date: Tue, 19 Jun 2018 04:45:14 +0000
Message-ID: <BYAPR19MB2248092E240AF9D7A441DDAC94700@BYAPR19MB2248.namprd19.prod.outlook.com>
References: <20180618112116.GB9195@server.ds9a.nl> <d137a136-d456-8de2-b682-512edd86b1f7@riseup.net> <E4082C8A-8D16-4F13-82ED-C9F68F66A2A1@sinodun.com> <CAOdDvNrnfxxQ__G_kKn4Fe4jcwcQUZfOb4aNAE6+bjvSrfLcmA@mail.gmail.com> <0D08F629-1719-440D-B4B4-A474CF90B865@sinodun.com> <CAOdDvNrKhV83ZmCX=KWHx49PtFVO2eTzY+GOxjEzEVd6Auj4Nw@mail.gmail.com> <910b8990-d962-ffd1-caa6-591d60e93e7e@NLnetLabs.nl> <AA306D47-E241-4DF6-9685-5578A7C9CA1D@icann.org> <45d445e5-afbb-907b-ffee-77588ab688fa@cs.tcd.ie>, <e9e148f0-543b-f44d-1192-c2a8d25994e4@riseup.net>
In-Reply-To: <e9e148f0-543b-f44d-1192-c2a8d25994e4@riseup.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:1C35FDDD0B98792CA7C82420E89BEE9192F45FCADF43C6CFCAFDA7835A30DFF6; UpperCasedChecksum:5D2858D0E685C41E5F910E3C6B4A33156FF1B83C96EC2B025F5D7607AA743EC1; SizeAsReceived:7632; Count:46
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [kRgOsC9mfWjWoH5f+kUAWmBmgKlq86uHIqkflqh8cKF4Ke8sBy0Y+w==]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN1NAM04HT142; 7:u8qpIieX6VJYwgeVHSACnWzwqQV9pCIMGrXhzLFUCyZ2NQ2DV+EoXHn9H9q2NKk27QY1Z5pnNVFQjh0KiyRJZ4cU+3BBomBJWDM4xgQiRZkbVNOBCZqp6raW7Kkd7c/hAVg3JRGZ+XFXfUnJybfIpe2wg6HyLt24G5Ny/1/irAiqU310iErBSX4jVhlR93xekEKKfu3XlACEUZwx8zvy7iCj/8uXW7dBe5cyXlHJPnWYUm8PH62arTx8tWbee4dN
x-incomingheadercount: 46
x-eopattributedmessage: 0
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1603101448)(1601125500)(1701031045); SRVR:SN1NAM04HT142;
x-ms-traffictypediagnostic: SN1NAM04HT142:
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(444000031); SRVR:SN1NAM04HT142; BCL:0; PCL:0; RULEID:; SRVR:SN1NAM04HT142;
x-forefront-prvs: 07083FF734
x-forefront-antispam-report: SFV:NSPM; SFS:(7070007)(199004)(189003)(2351001)(5640700003)(446003)(82202002)(73972006)(33656002)(102836004)(76176011)(5660300001)(25786009)(7696005)(104016004)(6506007)(68736007)(59450400001)(87572001)(6346003)(486006)(229853002)(6436002)(11346002)(20460500001)(476003)(97736004)(55016002)(1730700003)(46003)(8676002)(93886005)(81156014)(83332001)(2501003)(2900100001)(9686003)(8936002)(3660700001)(5250100002)(6916009)(99286004)(105586002)(14454004)(106356001)(86362001)(305945005)(3280700002)(6246003)(74316002)(15852004)(42262002); DIR:OUT; SFP:1901; SCL:1; SRVR:SN1NAM04HT142; H:BYAPR19MB2248.namprd19.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:;
received-spf: None (protection.outlook.com: hotmail.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=m13253@hotmail.com;
x-microsoft-antispam-message-info: DYHCbLlNOEfWopec+CAweWQ2ZaGCfXfipOJ63OsfwfdqadJXh8JfzVAezlyORInZvyOCXCu5ZySmZwnX3tX0+606XcguVLeupVjkdfJ7k1BWSjbth7blDwVU4xO4B2ej4oN9WxrVRn8cCco88cfIsBpesoWb/iiE6O65GDmoc/RXXf1aEqiJI6+pZkT0nV3F
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: c001924d-3e68-4f40-89c2-901a49278da7
X-MS-Exchange-CrossTenant-Network-Message-Id: 9b1c83b6-1a1a-4ab9-89b4-08d5d59f72c4
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: c001924d-3e68-4f40-89c2-901a49278da7
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Jun 2018 04:45:14.3541 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM04HT142
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/JVO9KT_gXC9gU2yK-hIwr6kEsX8>
Subject: Re: [Doh] [Ext] some privacy ponderings wrt HTTPs and plain DNS
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jun 2018 04:45:18 -0000

>> Extra A: Keep-Alive and Tor
>> 
>> I just talked about Keep-Alive. Since DoH runs over HTTP/2,
>> Keep-Alive is normally enabled. If you are worried about it, you can
>> run a non-standard DoH client with HTTP/1.0 over HTTPS. Please be
>> warned that this is non-standard
>
>The current draft RECOMMENDS HTTP/2 but does not require it, or
>did I overlook the HTTP/2 requirement elsewhere?
>
>"HTTP/2 [RFC7540] is the minimum RECOMMENDED version of HTTP for use
>with DoH"

Sorry I remembered the old text. (It was once a "MUST" in the past.)

But what are you expecting with a DoH protocol running over HTTP/1.0?
I mean, it is nothing better than a DNS-over-TLS-without-session-resumption.



> I agree that data like user-agent strings is helpful for debugging
> and to implement server-side workarounds for client-side bugs or error handling but
> the privacy of users - in a protocol that's primary goal is to provide
> privacy for end users - should be more important than ease-of-debugging
> for us operators of DoH servers.

If you think User-Agent can be a problem, then you shouldn't use TLS either.
When you look at the Client Hello packet, you will find different browsers have different things in it. Even different versions of a same browser are not identical.
As far as I know, Chinese government use this technique to block certain TLS protocols, including Tor and OpenVPN.
This is far far far more "plaintext fingerprintable" than a User-Agent.


Additionally, detecting a server or a client's software version is actually very easy.
I knew there is a certain bug that can't handle ECS headers well in a certain version of miekg/dns Go library.
I constructed a packet containing this certain header and sent it to CloudFlare. They crashed and returned nothing.
Now I knew CloudFlare's DNS implementation was written in Go. And they even were even using the old version! (I'm not sure about now.)
The client side is the same, as far as I know, miekg/dns has some difficulty processing some Rcode values.

To conclude: Hiding User-Agent does nothing to protect privacy. Oppositely, hiding User-Agent reduces user's security and service availability.



> I guess there is no expectation of unlinkability within multiple
> DNS queries going over a single TCP connection. The concern
> with cookies is more about linking multiple TCP connections
> based on the cookie.

Let me explain my worries: I run a public DoH service. Now it is healthy because few people are using. I am afraid it may receive DDoS attack in the future, so I planned to use Cookie challenge (with 2 minutes lifetime) whenever I got attacked.
What should I do now if I am not allowed to use Cookies?

v2.23.0 | Report a Bug | By Email