Re: [secdir] E2MD BOF

Samuel Weiler <weiler@watson.org> Fri, 19 March 2010 03:49 UTC

Return-Path: <weiler@watson.org>
X-Original-To: secdir@core3.amsl.com
Delivered-To: secdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 465D33A677C; Thu, 18 Mar 2010 20:49:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.793
X-Spam-Level:
X-Spam-Status: No, score=-1.793 tagged_above=-999 required=5 tests=[AWL=-0.324, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iSgqBZ7+E7w1; Thu, 18 Mar 2010 20:49:01 -0700 (PDT)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41]) by core3.amsl.com (Postfix) with ESMTP id 7D0103A6403; Thu, 18 Mar 2010 20:49:01 -0700 (PDT)
Received: from fledge.watson.org (localhost.watson.org [127.0.0.1]) by fledge.watson.org (8.14.3/8.14.3) with ESMTP id o2J3nB3Q026769; Thu, 18 Mar 2010 23:49:11 -0400 (EDT) (envelope-from weiler@watson.org)
Received: from localhost (weiler@localhost) by fledge.watson.org (8.14.3/8.14.3/Submit) with ESMTP id o2J3nBek026766; Thu, 18 Mar 2010 23:49:11 -0400 (EDT) (envelope-from weiler@watson.org)
X-Authentication-Warning: fledge.watson.org: weiler owned process doing -bs
Date: Thu, 18 Mar 2010 23:49:11 -0400 (EDT)
From: Samuel Weiler <weiler@watson.org>
To: Cullen Jennings <fluffy@cisco.com>
In-Reply-To: <ECABA224-C533-43A6-A888-C0F8097A145B@cisco.com>
Message-ID: <alpine.BSF.2.00.1003182344390.13633@fledge.watson.org>
References: <ECABA224-C533-43A6-A888-C0F8097A145B@cisco.com>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.3 (fledge.watson.org [127.0.0.1]); Thu, 18 Mar 2010 23:49:11 -0400 (EDT)
Cc: saag@ietf.org, secdir@ietf.org
Subject: Re: [secdir] E2MD BOF
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: secdir-secretary@mit.edu
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Mar 2010 03:49:02 -0000

Cullen,

I suggest taking this question to the DNSEXT WG.  AFAIK, the DNSEXT 
agenda in Anaheim still has two minutes left open, which is about all 
the WG will tolerate of this.  :-)

-- Sam

On Wed, 17 Mar 2010, Cullen Jennings wrote:

> The E2MD BOF is wrestling with some complicated issues around 
> putting personal data about individuals in DNS (names, phones 
> numbers etc). They are considering various approaches to constrain 
> access to the private data. The leading contender as far as I can 
> tell is to only run the DNS with the private data in a walled garden 
> and make sure no one that should not see the data can query a server 
> in the walled garden. One or two people have mentioned you might 
> want to encrypt the private data and control access to the keys but 
> that idea has not received much discussion. It seems to me like a 
> possibility worth exploring a little.
>
> If anyone is interested or has spend time thinking about privacy of 
> data in DNS, input from folks on this list would be valuable and I 
> hope at least a few security folks can show up at the BOF.
>
> Thanks, Cullen
>
> Mailing list archive at http://www.ietf.org/mail-archive/web/e2md/index.html