IETF Logo Mail Archive

Re: [homenet] review of draft-ietf-homenet-redact and draft-ietf-homenet-dot

Andrew Sullivan <ajs@anvilwalrusden.com> Sun, 12 March 2017 13:59 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: homenet@ietfa.amsl.com
Delivered-To: homenet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C77B312955A for <homenet@ietfa.amsl.com>; Sun, 12 Mar 2017 06:59:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=yitter.info header.b=dR/D8qOE; dkim=pass (1024-bit key) header.d=yitter.info header.b=KFqoEnyq
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cs9qp-89DYhP for <homenet@ietfa.amsl.com>; Sun, 12 Mar 2017 06:59:37 -0700 (PDT)
Received: from mx4.yitter.info (mx4.yitter.info [159.203.56.111]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5861F12943F for <homenet@ietf.org>; Sun, 12 Mar 2017 06:59:37 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mx4.yitter.info (Postfix) with ESMTP id 55CA6BEEDC for <homenet@ietf.org>; Sun, 12 Mar 2017 13:59:36 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1489327176; bh=GwSFRkMpPj/dLc3RVCPI/ZhpC4nb34DONWxkxSp93qA=; h=Date:From:To:Subject:References:In-Reply-To:From; b=dR/D8qOEms17ZJnUlfKeB4tDTynih9UDKQU36rzGrORYkkc5TFA3OPa7kGHgq5b4W Ohl9sv7a03DR6c5+5JstZ4/ys5sO1EYzV+Oll/ew9quUPgSzNOkexh6pR4C4967XKF 8k4srMy6Mkx7kE2bJgpm67mpSLMHpMIJOMqE+/bg=
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx4.yitter.info ([127.0.0.1]) by localhost (mx4.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G_mTnHnh2fl9 for <homenet@ietf.org>; Sun, 12 Mar 2017 13:59:34 +0000 (UTC)
Date: Sun, 12 Mar 2017 09:59:31 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1489327174; bh=GwSFRkMpPj/dLc3RVCPI/ZhpC4nb34DONWxkxSp93qA=; h=Date:From:To:Subject:References:In-Reply-To:From; b=KFqoEnyqlTp4+WB2PN7X/GvPKDEjcnurgg5k7/rjg8FRv9wnjub189lJG7f0iPyuI ArIASf+otUjqqhW1i6RC0INPVeHVLeX418Aiqu6HXX+TyRTn9C4v0VwNgU4PFmlYNl xCrOz12kQp+6PA2oLLlEB/TUWe0Z+YHElNDovP8E=
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: homenet@ietf.org
Message-ID: <20170312135930.GF13811@mx4.yitter.info>
References: <42ECD4C1-3A87-414C-91D3-8B709A8B3FB5@piuha.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <42ECD4C1-3A87-414C-91D3-8B709A8B3FB5@piuha.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/g0S6o2IpTjGQaqT1LMP6T9D4YdU>
Subject: Re: [homenet] review of draft-ietf-homenet-redact and draft-ietf-homenet-dot
X-BeenThere: homenet@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF Homenet WG mailing list <homenet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/homenet>, <mailto:homenet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/homenet/>
List-Post: <mailto:homenet@ietf.org>
List-Help: <mailto:homenet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/homenet>, <mailto:homenet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Mar 2017 13:59:39 -0000

Hi,

On Sun, Mar 12, 2017 at 01:17:28PM +0100, Jari Arkko wrote:

> I’m fine overall in requesting the allocation of .homenet for
> this purpose.

As I've already argued in this list, I think it's a mistake, but I'll
try not to rehash that argument in what follows.  (So if you detect
such rehashing, please don't misunderstand it as what I've intended.
I'm imperfect.)

>    Such queries MUST NOT be recursively
>    forwarded to servers outside the logical boundaries of the home
>    network.
> 
> I’m not clear how to implement this MUST NOT. Is there
> a requirement here that any recursive resolver either
> knows about the logical boundaries of a home network,
> or does not forward .homenet queries?

It would seem that's an implicit requirement, but note that the
requirement will never be met by anyone who doesn't implement this
specification.  Since basically every shipped home network box has
some sort of forwarding or recursive DNS system in it, and they know
nothing about homenet now, so they will just send the query out to the
Internet.  (This will be true of every domain name we pick for this.)
 
>  2.  Applications SHOULD treat domain names ending with '.homenet.'
>        just like any other FQDN, and MUST NOT make any assumption on the
>        level of additional security implied by its presence.
> 
> This is fine, but that should probably be ‘… any assumption
> about the security properties based on the use of this special
> name.’ (It is not clear to me that there’d be additional security
> level, could also be reduced security, e.g., if DNSSEC was not
> locally available.)

I don't think I understand this comment.  But my understanding of the
goal of homenet use cases was that most of the deployment needed to
work without upgrading everything.  So you should be able to use the
homenet features with your unupgraded laptop, because it's supposed to
Just Work like any other network context.  So,

> It is not clear to me why these are a requirement.

it's because of the "Just Works" requirement.  If you are validating
on your laptop, your validator does not know about homenet, and so it
won't know that when it gets the proof of non-existence of
homenet. that it is supposed to ignore that proof.  So it will treat
any name beneath homenet as a bogus entry.

> Also, the insecure delegation in the root zone puts us into a
> place where we have not been before, process-wise, because
> this is a special use domain name and a proper TLD at the same
> time, causing us to run both the ICANN and the IETF process,

As long as we understand "run the ICANN process" as including "getting
ICANN to invent such a process", I agree with the above.

> If we categorise .homenet as special, I don’t understand
> why we need an insecure delegation. Software (e.g.,
> local resolver) would *know* this is a special name
> and it would never be the case that .homenet suddenly
> turns into a delegated secure regular domain which needs
> the chain of trust from the root. What gives?

Which "local resolver" do you mean?  There could be more than one, and
it's not only resolvers.  You could do validation without doing
resolution.  Basically, to get homenet without the provably insecure
delegation, you need to give up on validation or you have to accept
that homenet techniques won't work until everything has been upgraded.
(I suppose that, since we're assuming v6, we might be waiting for that
anyway ;-) )

Best regards,

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com

v2.23.0 | Report a Bug | By Email