[secdir] Secdir review of draft-ietf-dprive-padding-policy-04

Charlie Kaufman <charliekaufman@outlook.com> Sun, 01 April 2018 03:59 UTC

Return-Path: <charliekaufman@outlook.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70FD8126CF6; Sat, 31 Mar 2018 20:59:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.701
X-Spam-Level:
X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lTdob7S1puv3; Sat, 31 Mar 2018 20:59:47 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-oln040092003065.outbound.protection.outlook.com [40.92.3.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 02C541205F0; Sat, 31 Mar 2018 20:59:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=nLB1MmPb53NC+otEioVDw1suIqdz6KCS0GcssjIzgCQ=; b=enxKHuUFlTUPhV2wulYG+0PkY6+ZpSEbMwuIWJciNDCIAVeLwg0Y3WyLL3SvGbrURXGyd4hYkYWb9zmmi69WfhHRNMrI8Rdc23UDcdG3Fh2aYg3MMBH8MnwacbEL3gKa0GNFVcuhFQE1RmkVj5VwJFRKIDyJouyT0Ut+inWb26lZN4CkQ8Bl9pwHGThlSLVPuRBw79tEnAHMivIpRnRJS+PxK5qbKiL89yZ9uEpacOD3BqlSJi7V7XFjoTZZgq431hX7bFQdu+OE6hiVYBtUDrTCw22smymWgULTQuNqcTmPI/rCM++tWR4RD7poVWBhT3xuFd4Eq4c5N7WjJFsP7Q==
Received: from BL2NAM02FT019.eop-nam02.prod.protection.outlook.com (10.152.76.60) by BL2NAM02HT029.eop-nam02.prod.protection.outlook.com (10.152.77.4) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.20.631.7; Sun, 1 Apr 2018 03:59:42 +0000
Received: from CY4PR04MB1031.namprd04.prod.outlook.com (10.152.76.59) by BL2NAM02FT019.mail.protection.outlook.com (10.152.77.166) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.631.7 via Frontend Transport; Sun, 1 Apr 2018 03:59:42 +0000
Received: from CY4PR04MB1031.namprd04.prod.outlook.com ([10.171.244.153]) by CY4PR04MB1031.namprd04.prod.outlook.com ([10.171.244.153]) with mapi id 15.20.0631.013; Sun, 1 Apr 2018 03:59:42 +0000
From: Charlie Kaufman <charliekaufman@outlook.com>
To: "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-dprive-padding-policy.all@ietf.org" <draft-ietf-dprive-padding-policy.all@ietf.org>
Thread-Topic: Secdir review of draft-ietf-dprive-padding-policy-04
Thread-Index: AQHTyW2atG5TU0ZcWUyBj0lqmSqtEg==
Date: Sun, 1 Apr 2018 03:59:42 +0000
Message-ID: <CY4PR04MB1031F3BE1AF7A66E5DCA0AF3DFA70@CY4PR04MB1031.namprd04.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:1C57B031070C7B336772122C867197F8BA9DA357685F2912796B0FDAFD7B311F; UpperCasedChecksum:916AB289147DB3B16841E2095761227FC2A6EB87AF5D40771E610B1026D88A0A; SizeAsReceived:7097; Count:43
x-tmn: [Xi0uWE+ZrssDFpxw4frdD7yxvEcVMo+bM7IfoWlpgKpoGn8gqAV7qF9hjwlpuT0k]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BL2NAM02HT029; 7:ZygblvUppfck05KJbUKvtZQWF9PvxlLi4l5nfLMjcIIrhHTkDnY7qnd9POB2A7lyBsV4HEPAS/2nH15yHvpdgDdz2VZ+CUEc/9WlUXgoW5cKZ8TkpDAvmrUnbbThQmg4ikt69R54eJC6rLhPJjPA+H8TPH5yIeMDSC5ARbMh4Aaxd//Yjk+qN4ILlhgd/hAAgZAT5+iLJRz4bvU4fQ86a6l5vFYy62cBK7I7780Qw6/25SfArioBpzon3K1iW/ta
x-incomingheadercount: 43
x-eopattributedmessage: 0
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1601125374)(1603101448)(1701031045); SRVR:BL2NAM02HT029;
x-ms-traffictypediagnostic: BL2NAM02HT029:
x-ms-office365-filtering-correlation-id: 45a35235-474f-4750-2226-08d59784ffae
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(444000031); SRVR:BL2NAM02HT029; BCL:0; PCL:0; RULEID:; SRVR:BL2NAM02HT029;
x-forefront-prvs: 06290ECA9D
x-forefront-antispam-report: SFV:NSPM; SFS:(7070007)(98901004); DIR:OUT; SFP:1901; SCL:1; SRVR:BL2NAM02HT029; H:CY4PR04MB1031.namprd04.prod.outlook.com; FPR:; SPF:None; LANG:;
x-microsoft-antispam-message-info: ohRnSppEtJSNrH7fwHgWfn0Jolk/gH19Ag1OD+WsmAwdwQnwc7FkhF9nZoER+noBD2ns3l5lt8yFMLvDYjIsvKEuIJc+C11fjK7p0kbINoQpgg2aH+vbKQ9WF0cO1CytLPllktIk+6SVEITxE1shsZS4cGUp2RG+TWjcFDgeV+qtwn16J2/ba0C2KI1Hwy59
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY4PR04MB1031F3BE1AF7A66E5DCA0AF3DFA70CY4PR04MB1031namp_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 45a35235-474f-4750-2226-08d59784ffae
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Apr 2018 03:59:42.2981 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL2NAM02HT029
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/_c1U_gV1ncSEIlBOZtJ-NCKiJfU>
Subject: [secdir] Secdir review of draft-ietf-dprive-padding-policy-04
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Apr 2018 03:59:49 -0000

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG.  These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other last call comments.


Summary: Ready to advance to Experimental if typos are fixed unless someone wants to quibble with the details of the algorithm. The proposed algorithm has an empirical study to back it up.


This document proposes a padding policy for encrypted DNS requests designed to make such requests less susceptible to traffic analysis based on packet length. RFC7830 specifies extension mechanisms to DNS to allow optional padding but makes no recommendations concerning how much padding to use. While no agreement is necessary to assure interoperability between the two ends of a connection, this document gives operational guidance to implementers of reasonable policies to apply.


There is a complex tradeoff between the privacy benefits of large amounts of padding vs. the performance benefits of minimal padding, so there can be no one "optimal" scheme. This document does a good job of enumerating the important considerations for an implementer and the recommended strategy is (in my opinion) a reasonable one for most scenarios. I believe, however, that no padding (listed in Appendix A as a Non-sensible Padding Policy) may be sensible in certain situations where performance is at a premium, and that servers should take their cues from clients and omit padding in a response if the client has omitted it in the request.


I disagree with the "disadvantage" listed in section 4.3 that generating a pseudo-random byte per packet sent could be a "hindrance" on servers. High quality randomness is not needed (e.g., ARC4 would work just fine), and so I would favor a scheme like the one listed in section 4.4. But I don't believe the document should be held up to debate this. If anything, publishing this document would get more people thinking about the problem and perhaps find a reason to revise it later.


Typos:

Page 4: "pading" -> "padding"
Page 5: "(pseudo) which" -> "(pseudo) random values which"
Page 5: "transction" -> "transaction"
Page 6: "does apply only" -> "applies only"
Page 5: "inffective" -> "ineffective"

 --Charlie