IETF Logo Mail Archive

Re: [Secdispatch] GNU Name System

Francesca Palombini <francesca.palombini@ericsson.com> Thu, 30 July 2020 09:24 UTC

Return-Path: <francesca.palombini@ericsson.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFE113A0FF2; Thu, 30 Jul 2020 02:24:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jl36u-rSZ1E1; Thu, 30 Jul 2020 02:24:31 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50075.outbound.protection.outlook.com [40.107.5.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 294603A0AE6; Thu, 30 Jul 2020 02:24:29 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ag7viVswM0RbSaIp13skLCv52hRlTDJoVugLQ67ejy4DvnDcRTlVRissT8Tt9DTQpiI184eplgAxPEqxbw3V3AGX99SpElTda6OLPnL+82PMu0HvsIWksQis9eSPEVIXnY5UAbM6Ez6fB7ffv9kyjGqsBV61GIqqZuQpwNQdEDnvhOkDnRw0MWEbkMOxRZsdiTX06hfM3CxlTl5cl+WvIhYnk9GOWd8iqcfBy6IYFdhTrEgd9QqwOa9dYXicMtu15IWxDrOmIon2n0dOAlRLpxPcV28V0BF0gqpQxRYmMos4cRACVXNALMIc/fGlh7o8nKuUjUQ54ZBJOnQ9lL0KCg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0Dm5qqmQGchfrGXj0lU5x9jcN+1IArmHxGBD0apcltE=; b=NnfBQyCgranbP8wBWen2eyYK+MLPPtgDUi7qmSMGfFCrh5zXcBfgxT2MgnuTOCOPhcyI3GxpjRvp4qOZtxf9cfEN5oCHtJP+IuaDE/36KhsO/S46AQqH8M1An1GsGzGt7W3qcNUFvl6YGP4csBasVUTvPmqlvKNjb58PjRByHyzAZ5HI06lvKCq9bGj+Rr5+RuNc93eSsH/oHR5vGWNoJokB6RdsVWnLtY+1xqjuo2odQB0/tnMxiOFTLeRwmexiY8YaFqpCS5Oz5PdJNFxFwtmYXpoSOtrNOx0Kn4o6ehyHHklGd87Qq05AcLQDtef3GLSp0O3pCaXcWCFnzrDApw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0Dm5qqmQGchfrGXj0lU5x9jcN+1IArmHxGBD0apcltE=; b=IoqPagnZP7E5xwy1b8CZOAgDNR6IBFLTeTh19w5Kwj23ti1B3BQOBsiVWlvO71BLjUN/dsb/RMkjFVZCKL2DSD+IcHDUTLWMA9yfOvfT5N/p5xlcqZvmpvpCftIyTM+p02Vubvzy04/YQhsDNN/xU8shFa6aBJae5lUQ3MOtbvA=
Received: from HE1PR0702MB3818.eurprd07.prod.outlook.com (2603:10a6:7:8c::18) by HE1PR07MB3196.eurprd07.prod.outlook.com (2603:10a6:7:2e::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.12; Thu, 30 Jul 2020 09:24:22 +0000
Received: from HE1PR0702MB3818.eurprd07.prod.outlook.com ([fe80::a1fa:7949:3b5:b72f]) by HE1PR0702MB3818.eurprd07.prod.outlook.com ([fe80::a1fa:7949:3b5:b72f%7]) with mapi id 15.20.3239.017; Thu, 30 Jul 2020 09:24:22 +0000
From: Francesca Palombini <francesca.palombini@ericsson.com>
To: Jon Callas <jon@callas.org>, "secdispatch@ietf.org" <secdispatch@ietf.org>, "draft-schanzen-gns@ietf.org" <draft-schanzen-gns@ietf.org>
Thread-Topic: [Secdispatch] GNU Name System
Thread-Index: AQHWX6njABA4iPTbNkynRAtKC7sfXKkV75oAgAoZAQA=
Date: Thu, 30 Jul 2020 09:24:21 +0000
Message-ID: <B4F1F19E-90D0-465B-839F-DDCA8F413CB6@ericsson.com>
References: <31625.1595368614@localhost> <707BC467-05E0-43C9-AF86-AE741E4E26FD@callas.org>
In-Reply-To: <707BC467-05E0-43C9-AF86-AE741E4E26FD@callas.org>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.39.20071300
authentication-results: callas.org; dkim=none (message not signed) header.d=none;callas.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [79.12.182.121]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d2048fe5-0c65-4df2-e1dc-08d8346a587f
x-ms-traffictypediagnostic: HE1PR07MB3196:
x-microsoft-antispam-prvs: <HE1PR07MB31963D443973F4D8D1C1709098710@HE1PR07MB3196.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: b3Ko03HWKvO188UCCa3poW9KXgbVLGTEa+drT0EX6W3oI9SezDiNqiYpnIJvPaLKnW+b3MjXlioiXMQs/ew7w+QIBu+lrbcBDS1B/xzy9R5KPjDn9xU67gZrAdEJNBqf7GKXUKfUxfAQbEZ2zeZcW5XGgKi7crLHIfFQw5EVtRbkJ3ITfwyDJ+zuEldmL1ZWjlXtS0RkRYMxHmxsTm9vH53WWArxZOxWDiwkGw1CV1citn/TwghlKYAnyMxuUvfG9OkojunoeJ2ko7fo3fyNhcWqDLaPUwhxIS0mY1sKrW2Y1n2yT4rP3MfAMiq7pC86IOjsG4UdSWB3kByDSCxgOmyugUfKJa5U7z11NQ01+z3StmUXQ/zxyqazmhNSIFl5kvgxO7yreZm59hhgAszAnw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0702MB3818.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(376002)(346002)(39860400002)(136003)(396003)(366004)(478600001)(5660300002)(66946007)(44832011)(66556008)(66446008)(66476007)(64756008)(76116006)(91956017)(33656002)(966005)(71200400001)(2616005)(6512007)(6486002)(316002)(83380400001)(86362001)(110136005)(8676002)(66574015)(2906002)(186003)(6506007)(26005)(8936002)(36756003); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: ygWUA3j1UPRb1isDwtGBnCpM8BDyJ4ZsMI0r2EUlx/zH/64tiIBXxmvyMhr/ncVuLUBGkdNd3cR2UGege1CLNQa8BFlBL0AEK7ixptjZfTmXmv2ZE7Fs7w1niLZZoZWyO9oGEaHX/jgxbJFfABHB0PaR75VlIS9gkF77hX39+j8agvWFMAQ9U9ABkRazvjZgo4OycSOAT2c0WrshnhVI0Lio8uF7qTaw9YA7hS99kscct9yh5ggPjlJX0xBJbmOlmt/q9eNUtfbftziwSYkDzc+iBuEMUAPU/bxTUgo+Adb6MBw/rjrGyIOsc189JBSuEHTMS3a1c2eC3dDAxBZKHPnCr6fPGVC+Y82MxH1eNLSfxOZoVSgDfbtRf/erOdQgK4V9fmhKiDSUyxg/54jWCd+6BEIDaQAZYrV7VbKUvUoztB4T4Z6EUXNI/L6cXFJWOQ613tvSBPNXng/M0kFTMsu9cBG0mfPFWr0s8MB2Mv+Ur4Yk/cUPdEltD7QMJEEcx7lz2PwZx+MmEtT4qneY6Ah7YuH8j4YMv+l1KtfwJv59Es/5qN7mOML/R6McPJ7n+sBqvYsx7Mo0kzN1EN67BRU2xH+wmC2sGF/drsvAQY6XQcKeeoh6oRCSA7nsqhBMkLsCIr+l7cRsOiEQ5qm00A==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-ID: <E0CBB8755B1B4C4D9619B15ED2C32F79@eurprd07.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0702MB3818.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d2048fe5-0c65-4df2-e1dc-08d8346a587f
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Jul 2020 09:24:22.0983 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: hlQRBYn7OUThzMc+vOSFbt08upKghx28EPusV7st41icNb38jKPKJH0ZVeF2W6XUfdWaFygfEQ17YJmu2kVUloU3BmwO+PHRcqqMHo/Xf0+nCLVEwmFyHIcgGUGdlSEC
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3196
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/GgYowUHJhXtYkzQMBYHxC2PPr1I>
Subject: Re: [Secdispatch] GNU Name System
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jul 2020 09:24:33 -0000

Hi Jon,

Just to touch on the last part of your mail, the objective stated in the agenda (which I drafted): that is meant to be the objective that presenters shared with us chairs, to start  the dispatching discussion on what their preferred output would be, if they come with a proposal. By no mean that presupposes the decision that the draft is to be in the IETF. 

Thank you for your feedback, and especially for the one to the point of the potential track and dispatching question. 
Francesca

On 24/07/2020, 03:12, "Secdispatch on behalf of Jon Callas" <secdispatch-bounces@ietf.org on behalf of jon@callas.org> wrote:

    I've also read through the GNS draft and have some comments:

    * Like Michael Richardson, I have a great love for SDSI and love to see it used. I think there's a large discussion we should have about what the use cases can and should be. Alternate roots etc. are an issue, but I'm not sure it would be so bad to be able to say "ICANN's ietf.org" other than that it implies there could be someone else's "ietf.org" and that this is obviously problematic, particularly in how it would enable things like phishing. I take the opposite take on user experience. Protocol documents shouldn't be talking UX. Anyway, I think there's a discussion point as to whether this is a good idea. As much as I would like to be able to say "the media server I have at home" (for a number of reasons, not the least of which that that implies I'm not at home"), it's not clear this is really a good idea in the general case. My security auditor's mind is having a field day in thinking of cool (meaning confusing or malicious) ways to use this. Yet, I think it's a discussion point.

    * If this gets put into a working group, I think it needs an IETF name for it, not GNS and not something that contains "GNU." Other standards have had their institutional links filed off; SSL became TLS, SSH became SECSH. Notably, OpenPGP did not, and I think that this was unfortunate. Despite all good intentions at the time, it's created confusion, and I say that as an RFC editor and as an implementer. There's nothing wrong with GNUnet's GNS being a reference implementation of <protocol>, and my advice to both the IETF and the GNS people, you'll be happier if you change the protocol name.

    * There are a number of eccentric things in the protocol now. I don't mean that as a pejorative -- there are lots of eccentric things I like, SDSI, for example. I also like CFB mode as well as Twofish. Why, though, are they here? Are the design decisions leading to these? There's not a lot in the draft about these decisions. In general, it's better to stick to the well-trodden paths, to pick algorithms, modes, etc. that are in common use. In specific there are often reasons to do something on its own; I can see that a naming system might have reasons for going its own way. We just need a discussion of them. New code, new algorithms mean new bugs. If you can write about these decisions, "Most people do X, we are doing Y, because Z" that helps understand why the decisions are there. Some can be guessed -- CFB means no CBC padding, and no keying issues of a stream cipher like CTR mode. Tell us, though. I also really want to see what's going on and why with the record data encryption ini
      4.3. 

    * There are a number of other features in this that are interestingly eccentric, but leave me with a raised eyebrow. For example, a resource record for a VPN. That's interesting, but why? Zone revocation with proof-of-work -- why, as time and time again proof-of-work proves not to work? (I refer also to section 9.5 where you recommend pre-generating proofs of work. Where should these be stored, how should they be protected?) 

    * The Security considerations need more work. 9.1 discusses the ECDSA decision, but not other crypto considerations. It refers us to the relevant papers without really saying more.  

    9.2 points out that unrestricted Unicode names can lead to phishing, but says nothing more than, "zone administrators must take into account this attack vector and incorporate rules in order to mitigate it." That's not helpful. Or perhaps, 'this enables phishing, and it's your problem not ours, and we're not going to tell you what to do' is the actual security consideration. The second paragraph essentially says that protocol prevents taking down phishing site because authoritarian governments are bad. Um, okay.

    9.3 is also pretty scary, a direct quote (and not my paraphrase) is: "Zone administrators, and for GNS this includes end-users, are required to responsibly and dilligently [sic] protect their cryptographic keys." That's a pretty big security consideration that everyone has to do their own key management and get it 100% right.

    I do have a question -- what happens if the keys are lost? Does this mean the domain is essentially gone forever? I can't quite tell.

    9.4 says that we need to pick the right DHT, if we pick the wrong one bad stuff will happen, and if we pick different ones interoperability is "unlikely."

    I don't have further things to say about revocations, except that it's tetchy and brittle, by design.

    All in all, the security considerations don't leave me thinking this is anything like a safe protocol.

    * Despite all my comments above, I think that there's something interesting in the protocol and the issues can be fixed. Nonetheless, this is being positioned as an Informational RFC and I think that's a bad idea. This should either be standards track or continue to be off on its own and not part of the IETF.

    The major risk is that this is an alternative to DNS that could lead to fragmentation of the most basic service on the Internet, naming. Yet it requires everyone to do key management perfectly and optimizes against easy management through proof of work and so on. I know I've done silly things managing my own DNS, and it seems that I'd be unhappily doing proof-of-work to undo every typo.

    There are exciting ideas here. I believe that many of the issues I've brought up have relatively simple solutions. I also believe that it's no where near ready to deploy or standardize in the IETF. An informational RFC is not a good idea; this is too big and too experimental for that. While we in the IETF understand the difference, most people think and RFC is an RFC is an RFC is an RFC. The belief is that informational RFCs are standards. (Again, I am a sinner here, too. I have at times gotten tired of saying "informational" when someone incorrectly says "standard" and just let them go on.)

    The agenda for Secdispatch says simply that this item is, "objective: find a home at IETF" which seems to be presupposing that the decision is not if it should be in some working group, but which one. I think it's premature for that. Much more work needs to be done.

    	Jon


    _______________________________________________
    Secdispatch mailing list
    Secdispatch@ietf.org
    https://www.ietf.org/mailman/listinfo/secdispatch

v2.23.0 | Report a Bug | By Email