Re: [Medup] GNU Name System draft
Paul Wouters <paul@nohats.ca> Tue, 28 July 2020 02:34 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: medup@ietfa.amsl.com
Delivered-To: medup@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE8533A0AFD for <medup@ietfa.amsl.com>; Mon, 27 Jul 2020 19:34:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2wabc9L6utDX for <medup@ietfa.amsl.com>; Mon, 27 Jul 2020 19:34:34 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB09F3A0AF5 for <medup@ietf.org>; Mon, 27 Jul 2020 19:34:33 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 4BG13C5Z90z21f; Tue, 28 Jul 2020 04:34:31 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1595903671; bh=D9FAA3G6Jf9zoS2BHFD+hhE1LiFjP+5GnHd0mJ7FdpM=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=CWPe6DKSPjWo0gKGTLARXXxVL9mStLvFEZxmOKnYqLQQ1B1gC5lnvqtfMbz8GsQiS o4+nTImb9SwyZ2hbyiwtg3Q6Xx4iYbxB9EdUknyoG9aEUzu4AmVSyYST/SaqrrgTxM IQUIyCe9J+ItdTjjUzRw1eWmzRHsY2DrWq6p2rdI=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id H2HbchTxzgDT; Tue, 28 Jul 2020 04:34:30 +0200 (CEST)
Received: from bofh.nohats.ca (unknown [193.110.157.194]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 28 Jul 2020 04:34:29 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 81EE06029BA5; Mon, 27 Jul 2020 22:34:28 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 799BC82C94; Mon, 27 Jul 2020 22:34:28 -0400 (EDT)
Date: Mon, 27 Jul 2020 22:34:27 -0400
From: Paul Wouters <paul@nohats.ca>
To: Christian Grothoff <grothoff@gnunet.org>
cc: medup@ietf.org
In-Reply-To: <2cc40030-971b-b581-0513-5725ebbd124b@gnunet.org>
Message-ID: <alpine.LRH.2.23.451.2007272209330.338886@bofh.nohats.ca>
References: <2eb43a08-e087-2322-ec51-181d1ea5f13d@gnunet.org> <2cc40030-971b-b581-0513-5725ebbd124b@gnunet.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/medup/aq3Xg8oTA-kCtegPygv3dejYmjQ>
Subject: Re: [Medup] GNU Name System draft
X-BeenThere: medup@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Missing Elements for Decentralized and Usable Privacy <medup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/medup>, <mailto:medup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/medup/>
List-Post: <mailto:medup@ietf.org>
List-Help: <mailto:medup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/medup>, <mailto:medup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jul 2020 02:34:36 -0000
On Mon, 27 Jul 2020, Christian Grothoff wrote: > Eh, it is of course ITEF 108. Sorry for the bad link... > https://datatracker.ietf.org/meeting/108/session/secdispatch > > On 7/27/20 2:44 PM, Christian Grothoff wrote: >> Dear all, >> >> We'll be presenting our draft on the GNU Name System >> (https://tools.ietf.org/id/draft-schanzen-gns-01.html) >> at IETF 101 SECDISPATCH >> (https://datatracker.ietf.org/doc/agenda-101-secdispatch/). >> >> GNS might be a topic for MEDUP, so please join the discussion! I read the draft. I am confused about a few aspects. The first is similar to other schemes suggested that replace the central authority with proof of ownership of a private key. If the private key is lost or compromised, the entire GNS name is at risk of being lost or taken over. Similarly, if a court would rule the transfer of a GNS name (say from a rogue sysadmin of the company) than there is no entity that can execute this. For namespaces that might have millions of dollars of value behind it, that is really a no starter. Image that someone at Coca Cola screws up and now no one controls cocacola.com anymore and it is dead. In this case, I also did not quite understand how a change of crypto by GNS apparently creates a new namespace with a fresh new "first come, first serve" run ? That is, a lot of this ends up depending not on a specification published by an RFC, but by GNS clients that either implement a GNS variant or not. This typically leads to newer variants being impossible to launch. We had this problem ourselves with DNS itself with the IN CLASS. I'm also not sure how the mapping works between a memorable name in the new namespace and the conversion internally to a name that contains the public key representation. I also feel there is a fake TLD lookup involved somewhere to map the name onto GNS instead of DNS, so that would be an entire other problem that has sadly been discussed many times before without a resolution by the IETF or ICANN. I think the document could be be improved by giving an overview of the entire mechanism before going into the packet formats and record formats. I also found the illustrations a bit confusing, as they did not use the regular IETF notation. The introduction also sounded a bit political under the guise of technical arguments. It suggests DNS can be taken over by a nation state. That the "global availability" or "integrity" can be attacked. These are are weak argumens that seem meant to obfuscate that the real goal is privacy and censorship resistance. DNSSEC already provides integrity. DoT and DoH are about to add some privacy to DNS, although streams of queries could still lead to identifcation of source and data. DNS via DoH is working on censorship resistance. This leads me personally to not be very convinced of the added value here. There are also disadvantages for using a non-DNS system for naming to avoid state censorship. Once you install such a system as GNS, you can no longer claim you were never trying to circumvent the censors. Using GNS could simply become a crime. Having a DoT/DoH stock and standard DNS implementation that _can_ be used for circumvention would not have this issue. Then there is the issue of creating a new namespace. When ICANN did this, it created a lot of problems. Such as people feeling forced to register their name/trademark in the new space or else weaken their trademark. Lastly, why go through this much effort for making only a name space censorship resistant? Why not just all the traffic? Eg what does this add to something like tor? So, all in all, I'm not very convinced this specification, or any other "decentralized" naming system, will solve any realworld problem. Paul
- [Medup] GNU Name System draft Christian Grothoff
- Re: [Medup] GNU Name System draft Christian Grothoff
- Re: [Medup] GNU Name System draft Paul Wouters
- Re: [Medup] GNU Name System draft Christian Grothoff