[ietf-privacy] Fwd: draft-huitema-dnssd-privacy-01.txt

Tim Chown <Tim.Chown@jisc.ac.uk> Wed, 22 June 2016 12:19 UTC

Return-Path: <tim.chown@jisc.ac.uk>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 21AEF12D108 for <ietf-privacy@ietfa.amsl.com>; Wed, 22 Jun 2016 05:19:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.11
X-Spam-Level:
X-Spam-Status: No, score=-4.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=jisc365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8h59pzVUsuTY for <ietf-privacy@ietfa.amsl.com>; Wed, 22 Jun 2016 05:19:06 -0700 (PDT)
Received: from eu-smtp-delivery-189.mimecast.com (eu-smtp-delivery-189.mimecast.com [207.82.80.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 42C5B12B02A for <ietf-privacy@ietf.org>; Wed, 22 Jun 2016 05:19:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jisc365.onmicrosoft.com; s=selector1-jisc-ac-uk; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Uoho4LzJv9IrnXDes/M7Jylz7mVeTZAUWRHSKza8fe0=; b=kDT7iuY/hz3dARVCIO294aFrYCoWSNcrWTQEhhK6XIvfplmhIRAfOoj7Bq9YrM84cJ4H2OB1tgnTcrWKBOYzkkJfnaQFUTUd0ham9l/94ejYYWX8U+nnLGeP/uBUOB5unfKX/Ye1ereTLnycV51dWnZad5uNLBDCqq/SfRPCa14=
Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01lp0209.outbound.protection.outlook.com [213.199.154.209]) (Using TLS) by eu-smtp-1.mimecast.com with ESMTP id uk-mta-58-Vbivdcc-OfmwkXhehSRPbA-1; Wed, 22 Jun 2016 13:18:59 +0100
Received: from AMSPR07MB455.eurprd07.prod.outlook.com (10.242.106.148) by AMSPR07MB454.eurprd07.prod.outlook.com (10.242.106.145) with Microsoft SMTP Server (TLS) id 15.1.506.9; Wed, 22 Jun 2016 12:18:57 +0000
Received: from AMSPR07MB455.eurprd07.prod.outlook.com ([10.242.106.148]) by AMSPR07MB455.eurprd07.prod.outlook.com ([10.242.106.148]) with mapi id 15.01.0501.018; Wed, 22 Jun 2016 12:18:57 +0000
From: Tim Chown <Tim.Chown@jisc.ac.uk>
To: "ietf-privacy@ietf.org" <ietf-privacy@ietf.org>
Thread-Topic: draft-huitema-dnssd-privacy-01.txt
Thread-Index: AQHRzIBAVaQ6DttSpECICK7MqnEv7A==
Date: Wed, 22 Jun 2016 12:18:57 +0000
Message-ID: <FC54AE01-0E03-4414-809E-5A5460F2FCFF@jisc.ac.uk>
References: <DM2PR0301MB0655DA3D2AA9FD4FF08E5CA4A8500@DM2PR0301MB0655.namprd03.prod.outlook.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-mailer: Apple Mail (2.3124)
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [194.82.140.195]
x-ms-office365-filtering-correlation-id: e417e693-96af-4b50-167a-08d39a9762af
x-microsoft-exchange-diagnostics: 1; AMSPR07MB454; 5:vEjtcXNeR405SELEoygoyoMXCTHc4o22Gkzck9+SbTOmoAq/4PK2IhQuZNLpAd453Sm3ffArsrMz4u1WU3p+KtBNwr+VNmKiYJCH1q+q3+UG3k1nAMuOkAc+m6xcIf9omXAK3USHLBDE4QlFphPPZg==; 24:KZpDTdlLYpXrik+3VKxVot1pVuX/0crbQ5LzEjE4KSBxll/2QaX6S/ntH/uYmiA2NDWV6ij4i2Dep5QqmyUQmcHiFUxXL8PnfdGaD/q/dj4=; 7:lp0H5wVWFpdOFoBk4WAg7NF6lAwTVschZOs56lCp4LLA8VQdkT4pZYaTHycEQij1qselB9eSyjDjC8ufrZHMYOy9K3YNqXuFmjDMZkMHK77oJEmXT3AQaqhVwwTPiyA3w34CpyRTCgVw78dTIXPSVngNMwNKdIcUjQ1oz1JZBnqrCidf76Ivwvhe32XGKC+B; 20:XBLTNdXK28EauuQ4gMfhlWIxa+d9Kw/GKYNzhnF/YR1BAL2CjWMOTfxTuMnIpdqwE4J9XsEWrXRmTvvsF+bKjAqN/OQOKB7A24UXPaozAdsRhYVHB/uH7UYOChTxFPiVFOq5Tq4arpYMEmaPxV7hDVkbp0iQ9OfCPr/+RX2NrbY=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:AMSPR07MB454;
x-microsoft-antispam-prvs: <AMSPR07MB454E2C71E67973A70EFDFD6D62C0@AMSPR07MB454.eurprd07.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(120809045254105);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046); SRVR:AMSPR07MB454; BCL:0; PCL:0; RULEID:; SRVR:AMSPR07MB454;
x-forefront-prvs: 0981815F2F
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(7916002)(66654002)(52044002)(189002)(377424004)(2473001)(199003)(13464003)(377454003)(105586002)(50986999)(10400500002)(19580395003)(8676002)(5002640100001)(106116001)(77096005)(74482002)(19580405001)(122556002)(4326007)(76176999)(101416001)(7846002)(561944003)(81166006)(81156014)(19617315012)(16601075003)(2900100001)(106356001)(8936002)(87936001)(2351001)(110136002)(15975445007)(584604001)(6116002)(82746002)(3846002)(3280700002)(57306001)(2906002)(86362001)(50226002)(11100500001)(33656002)(230783001)(16236675004)(66066001)(2501003)(5640700001)(189998001)(92566002)(68736007)(97736004)(7906002)(586003)(83716003)(102836003)(7736002)(36756003)(3660700001)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:AMSPR07MB454; H:AMSPR07MB455.eurprd07.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: jisc.ac.uk
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jun 2016 12:18:57.4659 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 48f9394d-8a14-4d27-82a6-f35f12361205
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AMSPR07MB454
X-MC-Unique: Vbivdcc-OfmwkXhehSRPbA-1
Content-Type: multipart/alternative; boundary="_000_FC54AE010E034414809E5A5460F2FCFFjiscacuk_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-privacy/7j4peLZCCXc1XPZ_FP-UCaGq3Ec>
Cc: Ralph Droms <rdroms.ietf@gmail.com>
Subject: [ietf-privacy] Fwd: draft-huitema-dnssd-privacy-01.txt
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jun 2016 12:19:10 -0000

Hi,

In the dnssd WG, we are developing methods to enable scalable DNS-based service discovery, which in practice means enabling mDNS/DNS-SD to work over multiple links within a site. As defined, mDNS/DNS-SD are link-local protocols, not forwarded by routers. If successful, one ‘win’ is that users with devices can discover services that may be physically near them, but that lie in a different subnet.

At a high level, the proposed solution works by clients/resolvers sending queries to hybrid proxies running on specific subnets (which may be manually configured in an enterprise scenario, or auto-discovered in an unmanaged home network scenario), which then issue local service discovery messages, the answers to which are relayed back to the originating querier.

We’re encouraging discussion of privacy considerations in the WG. As a result, we now have a draft (see below), including an initial proposal for a solution, for which we’d welcome wider review. The draft also addresses mDNS/DNS-SD privacy within single subnet scenarios.

Feel free to comment here, or join the dnssd WG list and contribute there.

Many thanks,
Tim & Ralph, dnssd WG co-chairs

Begin forwarded message:

From: Christian Huitema <huitema@microsoft.com<mailto:huitema@microsoft.com>>
Subject: [dnssd] FW: New Version Notification for draft-huitema-dnssd-privacy-01.txt
Date: 10 June 2016 at 21:02:50 BST
To: "dnssd@ietf.org<mailto:dnssd@ietf.org>" <dnssd@ietf.org<mailto:dnssd@ietf.org>>
Cc: Daniel Kaiser <daniel.kaiser@uni-konstanz.de<mailto:daniel.kaiser@uni-konstanz.de>>

Here is a new version of the "DNS-SD Privacy" draft. I co-authored it with Daniel Kaiser. Daniel is completing his PhD at the University of Konstanz, in Germany, studying issues related to privacy and discovery. This new draft is in my opinion much improved from the version 00 that I presented in Buenos Aires. You can read the abstract below for the broad lines of the proposed solution. Or, better yet, read the draft and comment!

-- Christian Huitema



-----Original Message-----
From: internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> [mailto:internet-drafts@ietf.org]
Sent: Friday, June 10, 2016 12:35 PM
To: Christian Huitema <huitema@microsoft.com<mailto:huitema@microsoft.com>>; Daniel Kaiser <daniel.kaiser@uni-konstanz.de<mailto:daniel.kaiser@uni-konstanz.de>>
Subject: New Version Notification for draft-huitema-dnssd-privacy-01.txt


A new version of I-D, draft-huitema-dnssd-privacy-01.txt
has been successfully submitted by Christian Huitema and posted to the IETF repository.

Name: draft-huitema-dnssd-privacy
Revision: 01
Title: Privacy Extensions for DNS-SD
Document date: 2016-06-10
Group: Individual Submission
Pages: 26
URL:            https://www.ietf.org/internet-drafts/draft-huitema-dnssd-privacy-01.txt
Status:         https://datatracker.ietf.org/doc/draft-huitema-dnssd-privacy/
Htmlized:       https://tools.ietf.org/html/draft-huitema-dnssd-privacy-01
Diff:           https://www.ietf.org/rfcdiff?url2=draft-huitema-dnssd-privacy-01

Abstract:
  DNS-SD allows discovery of services published in DNS or MDNS.  The
  publication normally discloses information about the device
  publishing the services.  There are use cases where devices want to
  communicate without disclosing their identity, for example two mobile
  devices visiting the same hotspot.

  We propose to solve this problem by a two-stage approach.  In the
  first stage, hosts discover Private Discovery Service Instances via
  DNS-SD using special formats to protect their privacy.  These service
  instances correspond to Private Discovery Servers running on peers.
  In the second stage, hosts directly query these Private Discovery
  Servers via DNS-SD over TLS.  A pairwise shared secret necessary to
  establish these connections is only known to hosts authorized by a
  pairing system.




Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>.

The IETF Secretariat

_______________________________________________
dnssd mailing list
dnssd@ietf.org<mailto:dnssd@ietf.org>
https://www.ietf.org/mailman/listinfo/dnssd