[secdir] Security review of draft-ietf-dprive-dtls-and-tls-profiles-09

Ben Laurie <benl@google.com> Thu, 04 May 2017 11:12 UTC

To: The IESG <iesg@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>, draft-ietf-dprive-dtls-and-tls-profiles.all@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/PmMt88oDaErD_PZW3JqdXJ4OFTE>

I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

Status: not ready.

I am a little puzzled by this I-D. The title is "Authentication and
(D)TLS Profile for DNS-over-(D)TLS" and the intro says it specifies
profiles "which define the security properties a user should
expect when using that profile to connect to the available DNS
servers", however, as far as I can see, no properties other than
server authentication are defined.

The document also appears to claim that a connection that is
authenticated and encrypted is "private" - that seems to stretch the
meaning of "private" quite considerably.

Other considerations surely exist, such as resistance against traffic
analysis, key sizes, algorithm choice.

As a result, claims like "Strict Privacy provides the strongest
privacy guarantees" are just plain wrong.

Given these large holes in scope, I have not attempted a more detailed analysis.