[ietf-privacy] Fwd: Call for Papers: NDSS Workshop on DNS Privacy

Allison Mankin <allison.mankin@gmail.com> Tue, 13 December 2016 18:59 UTC

Return-Path: <allison.mankin@gmail.com>
X-Original-To: ietf-privacy@ietfa.amsl.com
Delivered-To: ietf-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E807C12966F for <ietf-privacy@ietfa.amsl.com>; Tue, 13 Dec 2016 10:59:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dLIZZnsTldEX for <ietf-privacy@ietfa.amsl.com>; Tue, 13 Dec 2016 10:59:35 -0800 (PST)
Received: from mail-vk0-x22c.google.com (mail-vk0-x22c.google.com [IPv6:2607:f8b0:400c:c05::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 75ECA12948F for <ietf-privacy@ietf.org>; Tue, 13 Dec 2016 10:59:35 -0800 (PST)
Received: by mail-vk0-x22c.google.com with SMTP id x186so75976767vkd.1 for <ietf-privacy@ietf.org>; Tue, 13 Dec 2016 10:59:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=H7twUQg9xg3MIguTGxWndwnQLEjYMPWT5fZxqwKYWr4=; b=C1oIdVJERASYvVlViewoRk73EC0e4CF2tKsw2JqVE3bXpiX/hbQ7K3Iu7FJKrElTlG EPY/J0/0QPFkoMe+3o4+u9YszgiHgB4eHJhz+pkZl2+GjyuCfd4eqLod0iMdK5wPQJko bhuSc88UnimJDP4W3E6DCAB6Shk/4Z/yH/H8qz8nSfE1GQNpokx00BBjcXhsEENKEgPZ Xsevg376W63LNzn5CG4cJ07EIss6CvwihwP+W6aLr+F8GeG0sRhwkFsDQA3nwGDbasxz 0zh3c87duAXWWIA0sxAcIVkJRHi/nxg3zrm707f/40SGDABkOF/CMNQMH2VnxSZCvY6+ Wozg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=H7twUQg9xg3MIguTGxWndwnQLEjYMPWT5fZxqwKYWr4=; b=Cxg0oN046A3I8L4sJqWu6TTdbGIxQaWDYmSwVJroFkua808TpckECFJ9JFzJPpoT2Y WflT3FVrEA0xG/zkgcuQDmGVHZqrx+8h6y9E1U6LQro6snCm8VIxxeDfo03S+2zXGKfu aTwR6rH6TuMWdsygAS96AYuxwdLNpDQyJnD6aB6tOGj3ahGKif+9huNX9DAxGJDRuiF1 y1Nf+JV+SDTOU4N6zVsYVwR/l9XVA/KiWMHrLiL5wybLO3JrxxNk0B4vy57gakPB8vQ9 x2hwMiPLxY0j3dmvSg1rnmcWlhgskA1Pch7/tnhvOIIu4kRGlwEwtLOz6WxrMPPvPxud pvRw==
X-Gm-Message-State: AKaTC02F7ljyVBbSdjyfeOBBXuNneGJntY0kl0NoRzIdhJTliv5y6xSMJLwam8tkMBCUEJG3LMZeYSV2noQMgw==
X-Received: by 10.176.1.9 with SMTP id 9mr81902982uak.112.1481655574573; Tue, 13 Dec 2016 10:59:34 -0800 (PST)
MIME-Version: 1.0
Received: by 10.103.126.10 with HTTP; Tue, 13 Dec 2016 10:59:34 -0800 (PST)
In-Reply-To: <CAP8yD=uGR0ptPX-RX_g_+-9-4pFnYBb6C3y+1Gv=s8MyhvRJsw@mail.gmail.com>
References: <CAP8yD=vEeoM=ZhF1gaNwkc+DEQcST7GjFbWWwwMiYTgxG7QyJg@mail.gmail.com> <CAP8yD=uGR0ptPX-RX_g_+-9-4pFnYBb6C3y+1Gv=s8MyhvRJsw@mail.gmail.com>
From: Allison Mankin <allison.mankin@gmail.com>
Date: Tue, 13 Dec 2016 13:59:34 -0500
Message-ID: <CAP8yD=vS3HhzUBErGeG664WD-Fwk8QwW2wzDxo-x=Rj4KqVO0A@mail.gmail.com>
To: "ietf-privacy@ietf.org" <ietf-privacy@ietf.org>
Content-Type: multipart/alternative; boundary=001a113de21433baa205438ed2d1
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-privacy/RC82TEaAHMa6Zzn2zDsmWzcx1XY>
Cc: Sara Dickinson <sara@sinodun.com>
Subject: [ietf-privacy] Fwd: Call for Papers: NDSS Workshop on DNS Privacy
X-BeenThere: ietf-privacy@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Internet Privacy Discussion List <ietf-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-privacy/>
List-Post: <mailto:ietf-privacy@ietf.org>
List-Help: <mailto:ietf-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-privacy>, <mailto:ietf-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Dec 2016 18:59:38 -0000

​Dear
​IETF-privacy​
list,

Please consider submitting to the NDSS First Workshop on DNS Privacy
(DPRIV17)
​, as this topic arose from IETF efforts (see below).  ​


The call for papers is here:   DPRIV17
<https://www.internetsociety.org/events/ndss-symposium/ndss-symposium-2017/dns-privacy-workshop-2017-call-papers>.


Elevator pitch:  DNS queries and domain names are metadata and there are
many new directions (and open questions) for mitigating privacy issues for
them.

Location and Important dates:
Workshop Location: San Diego, CA, USA

Workshop date: 2017-02-26 (co-located with NDSS 2017)

Submissions: 2017-01-09 anywhere-on-earth

Final date for notifications and invitations to present at the workshop:
2017-02-03
Submissions may be new papers, papers already published, Short Papers, or
Position Papers.  Also, please contact the TPC chairs if you want to
suggest a panel.

Allison and Sara

------------
*Workshop on DNS Privacy DPRIV17 (#NoMoreCowbell)* BackgroundDNS Privacy
has been a growing concern of the IETF and others in the Internet
engineering community for the last few years.  Almost every activity on the
Internet starts with a DNS query (and often several).

   - Those queries can reveal not only what websites an individual visits
   but also metadata about other services such as the domains of email
   contacts or chat services.
   - Whilst the data in the DNS is public, individual DNS transactions made
   by an end user *should not* be public.
   - Today, however DNS queries are sent in *clear text* (using UDP or TCP)
   which means passive eavesdroppers can observe all the DNS lookups
   performed.
   - The DNS is a globally distributed system that crosses international
   boundaries and often uses servers in many different countries in order to
   provide resilience.
   - It is well known that the NSA used the MORECOWBELL tool to perform
   mass surveillance of DNS traffic, and other surveillance techniques
   involving DNS almost certainly are in play today.
   - Some ISPs embed user information (e.g. a user ID or MAC address)
   within DNS queries that go to the ISP’s resolver in order to provide
   services such as Parental Filtering. This allows for fingerprinting of
   individual users.
   - Some CDNs embed user information (e.g. client subnets) in queries from
   resolvers to authoritative servers (to geo-locate end users). This allows
   for correlation of queries to particular subnets.
   - Some ISPs log DNS queries at the resolver and share this information
   with third-parties in ways not known or obvious to end users.

The IETF's DPRIVE (*D*NS *PRIV*ate *E*xchange) Working Group has taken
initial protocol steps to address these concerns (with much of the early
work focussing on the stub to resolver problem), publishing DNS Privacy
Considerations (RFC 7626), Specification for DNS over Transport Layer
Security (RFC 7858), and The EDNS(0) Padding Option (RFC 7830), and DNS
Query Name Minimisation to Improve Privacy (RFC 7816). However because of
the great diversity of the DNS ecosystem, and the pervasive role of DNS and
domain names in Internet applications and security, much is not fully
understood or resolved.

The goal of this workshop is to bring together privacy and Internet
researchers with a diversity of backgrounds and views, to identify
promising long-term mitigations of the broad space of DNS privacy risks.