IETF Logo Mail Archive

Re: [Doh] WG Review: DNS Over HTTPS (doh)

Adam Roach <adam@nostrum.com> Wed, 20 September 2017 17:25 UTC

Return-Path: <adam@nostrum.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70AD813202D; Wed, 20 Sep 2017 10:25:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.88
X-Spam-Level:
X-Spam-Status: No, score=-1.88 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jD6PtDXyuRt7; Wed, 20 Sep 2017 10:25:05 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AAB23126D0C; Wed, 20 Sep 2017 10:25:05 -0700 (PDT)
Received: from Orochi.local (99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id v8KHP2qx073667 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Wed, 20 Sep 2017 12:25:03 -0500 (CDT) (envelope-from adam@nostrum.com)
X-Authentication-Warning: raven.nostrum.com: Host 99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228] claimed to be Orochi.local
To: Ted Hardie <ted.ietf@gmail.com>, Mark Nottingham <mnot@mnot.net>
Cc: doh@ietf.org, Paul Hoffman <paul.hoffman@vpnc.org>, IETF <ietf@ietf.org>
References: <150549029332.2975.12341647131707994474.idtracker@ietfa.amsl.com> <CA+9kkMBJAP23GmGf_ix-DMeOMB=Rbas+qsBQhrVwZuA5-Cv7Mg@mail.gmail.com> <EB3D58DB-1F8D-4E32-AE71-841EBCDDC3CA@vpnc.org> <42309404-8991-5d1d-7834-59087f273d41@nostrum.com> <CA+9kkMDokEDbBiCR_TRQda2RBHxoHag6mQL57Uzn7ALqakm1Og@mail.gmail.com> <e4a02fff-6803-28c7-c01d-f27a1b282d50@nostrum.com> <CA+9kkMCPRfjazW7Kk7GGnu1a0f2QNvgERV-5SGXWzp2HRmPJ=A@mail.gmail.com> <0EA5CC8C-D4B0-47F4-A8CF-950BDB1A1D55@mnot.net> <CA+9kkMDRdje0LTjAXLJkU6MeEP9tgJOmTjEP3jbtogyFtYYAwA@mail.gmail.com> <32479A66-5D72-48CF-8C33-2D131AEB2B5B@mnot.net> <CA+9kkMCHPO_VO8sO2YUFLHCw8fTKFwoB4-Jy3V22ODHjtVs5YA@mail.gmail.com> <89896E61-3275-4214-BEC5-59D40B6DDA4A@mnot.net> <CA+9kkMC=C9cW6wabYApNv9svN0DTCaWTHCedYgzbELdwqSasuQ@mail.gmail.com> <296AD098-5728-44E6-855F-91881359162C@mnot.net> <CA+9kkMBwgT39PjbfxD-wGBy2JDMJYOSVHPte0uRqYYzus6N0fg@mail.gmail.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <2bc5fab5-ce23-54d9-7440-6d55940560cd@nostrum.com>
Date: Wed, 20 Sep 2017 12:24:57 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:52.0) Gecko/20100101 Thunderbird/52.3.0
MIME-Version: 1.0
In-Reply-To: <CA+9kkMBwgT39PjbfxD-wGBy2JDMJYOSVHPte0uRqYYzus6N0fg@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/fnXt3ZYYbdsosAka6U27lpMeWz0>
Subject: Re: [Doh] WG Review: DNS Over HTTPS (doh)
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Sep 2017 17:25:09 -0000

On 9/20/17 12:17, Ted Hardie wrote:
> That there is no intent to allow that information to be further 
> propagated is certainly useful to know, but if I understand you (and 
> Adam) correctly, this problem must be handled somewhere because of the 
> intersection of this proposal and JavaScript capabilities in a modern 
> browser. 


This can be done with or without any work in the IETF. If the hack mnot 
describes is possible[1], then having a standardized format for 
launching such queries (rather than doing the *exact* same thing in a 
proprietary syntax) neither helps nor hinders the attack.

That said, I want to stress quite heavily that I don't think this kind 
of attack is possible due to the scoping rules around which resources a 
service worker is allowed to handle.

/a

____
[1] I'm extremely dubious that this could be pulled off even for normal 
resources; for HTTPS-secured resources, replacing the host with the 
result of DNS resolution would cause cert validation to fail, so it 
definitely can't be mounted there.

v2.23.0 | Report a Bug | By Email