IETF Logo Mail Archive

Re: [TLS] Two Multi-CDN proposals

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 01 March 2019 23:52 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 432CB12D7EA for <tls@ietfa.amsl.com>; Fri, 1 Mar 2019 15:52:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 11J1VMNz5mb4 for <tls@ietfa.amsl.com>; Fri, 1 Mar 2019 15:52:38 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B13BF12F1A2 for <tls@ietf.org>; Fri, 1 Mar 2019 15:52:37 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 8328DBE64; Fri, 1 Mar 2019 23:52:35 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FZ4vSWxUq3G1; Fri, 1 Mar 2019 23:52:33 +0000 (GMT)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 1D77CBE5B; Fri, 1 Mar 2019 23:52:33 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1551484353; bh=UWoq+eRKFFdsNgWk5XOZnhmVDjD8L2+/sydBI4JN3eg=; h=To:Cc:References:From:Subject:Date:In-Reply-To:From; b=VZu1bDLoaj3ZFojnyND53x1QsPQz9NM7evCOYPgolJmgs47/+ubBktbXDGK6QitHT M4/fgFpuLK/S7oPJECljpFw99NyjEBnLfClOPQeWnJv1lybIsPU3HLSu8CFm13QnRU pPFCQluPPsK7XNuOAFt8o6wMprRg/vAJlbSuAUpQ=
To: Mike Bishop <mbishop@evequefou.be>, Eric Rescorla <ekr@rtfm.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
References: <CAO8oSX=sPoLo78oX4qEEyeuck7CxM_uAqYPHEsY7BuYqBUaorg@mail.gmail.com> <0b19d021-8101-23ee-2899-450d103a8906@cs.tcd.ie> <CABcZeBN0mf7VFCKKdg9gH0=tCS7eLZz6M5_WJdaNG7XrJeyESw@mail.gmail.com> <0b854704-8f93-f9ad-c067-67f7f73cbbbf@cs.tcd.ie> <CABcZeBM61u=DtjQh+NkQF47MLyZS4EyuGBjDnsfjxz-z5kfjoQ@mail.gmail.com> <1eaaebf3-6e8a-ae84-0ab3-f977295c0721@cs.tcd.ie> <CY4PR22MB09831CBC251393EE334905D4DA760@CY4PR22MB0983.namprd22.prod.outlook.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= mQINBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABtDJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPokCQAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxLkCDQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAYkCJQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <25005af2-f22d-1ffd-e9ab-f2eba081ef8c@cs.tcd.ie>
Date: Fri, 01 Mar 2019 23:52:32 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1
MIME-Version: 1.0
In-Reply-To: <CY4PR22MB09831CBC251393EE334905D4DA760@CY4PR22MB0983.namprd22.prod.outlook.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="SyhU3JYsBJg3VHL4hnBju1vjU9PhCqasd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/MWC8u71G-3iUTsasxjTXg3T7vVw>
Subject: Re: [TLS] Two Multi-CDN proposals
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2019 23:52:42 -0000

Hiya,

On 01/03/2019 23:19, Mike Bishop wrote:
> Stephen, there are a couple complicating factors here where I think
> we all have varying knowledge gaps.
Doubtless. I confess lots of ignorance as to how CDNs operate.

> 
> *   There are two major ways of pointing to a CDN:  Direct A/AAAA
> records and CNAMEs.  The easiest way to handle key update
> complexities on the part of the CDN(s) is simply to CNAME the ESNI
> query for your domain to their ESNI record, but you can certainly
> directly host your CDN’s keys in your domain if you prefer.  Nothing
> should preclude that.`

I agree that we need something that works for both. As there
are meta-issues with some privacy mechanisms encouraging more
centralisation, I think it's important that we be explicit in
considering such, as we've been doing here. (To simplify and
paraphrase it a bit: part of my position is that "nothing
should preclude" is too weak - ESNI needs to work for both - to
the extent possible.)

> *   The issue we’re trying to address is when
> the ESNI record and the A/AAAA record follow different CNAME chains
> and you get the records from different hosts.  Of course, if we move
> to an ESNI RRType with the same hostname (see #105), there’s
> hopefully a single CNAME chain that gets cached at the resolver and
> used when looking up both queries.  If they remain separate
> hostnames, it seems like it gets much easier for them to diverge. 

I agree with all you say except the first one of the two words "the
issue" - there is more than one issue at play I'd say:-)

> *
> It’s my understanding that DNSsec doesn’t play well with returning a
> subset of all extant RRs for a given name+type.  However, some CDNs
> return DNS results tailored to the user’s location; the
> load-balancing servers will (in some cases) return CNAMEs to
> different targets based on the desired traffic share.  That’s not a
> behavior that maps well to DNSsec as I understand it.  You mention
> DNSsec signing your domain as part of why you have issues with the
> proposal, but I think this is an open issue beyond ESNI or these
> PRs.

It seems I didn't explain myself so well. For my setup the fact
that I support DNSSEC (and hence periodic re-signing) makes it
easier for me to support periodically acquiring and (re-)publishing
ESNIKeys from multiple sources. So having an existing DNSSEC setup
helps here.

Other than that, I'm not sure DNSSEC and ESNI have so much to do
with one another, given that DNSSEC really doesn't provide any
cryptographic linkage when things like MX or CNAME are used in the
DNS.

> Maybe someone better-steeped in DNS/DNSsec can help us figure out how
> all that should work, and I agree with you that there are definitely
> bumps here we need to iron out – maybe those are just questions to
> answer, or maybe changes to the structure of the record are
> warranted.
> 
> 
> 
> However, these PRs are primarily about what information should be in
> these records and how clients make use of it.  I disagree with you
> that we have to resolve both questions at the same time.  Let’s agree
> on content first, and spent some time separately with DNS folks to
> see whether the content can be more pleasantly arranged.

I'm not quite sure what you mean but I can think of two things:-

1. I have argued about how the content and structure of ESNIKeys
can affect deployment models and manageability, and do think that
now is the time to consider both. I maintain that position. And
my main points in this thread have all been about how the structure
of ESNIKeys could affect deployment models.

2. I think I explicitly said I'm fine with the encoding (TXT vs new
RRTYPE) being handled later. The same goes for a lot of other aspects
of the structure of ESNIKeys (but not all). There were a bunch of
mails though, so it's likely easy to miss that;-)

Cheers,
S.


> 
> 
> 
> -----Original Message----- From: TLS <tls-bounces@ietf.org> On Behalf
> Of Stephen Farrell Sent: Thursday, February 28, 2019 2:50 AM To: Eric
> Rescorla <ekr@rtfm.com> Cc: <tls@ietf.org> <tls@ietf.org> Subject:
> Re: [TLS] Two Multi-CDN proposals
> 
> 
> 
> 
> 
> Hiya,
> 
> 
> 
> On 28/02/2019 02:40, Eric Rescorla wrote:
> 
>> On Wed, Feb 27, 2019 at 5:56 PM Stephen Farrell
> 
>> <stephen.farrell@cs.tcd.ie<mailto:stephen.farrell@cs.tcd.ie>>
> 
>> wrote:
> 
>> 
> 
>>> 
> 
>>> Hiya,
> 
>>> 
> 
>>> On 28/02/2019 01:41, Eric Rescorla wrote:
> 
>>>> I think you're misunderstanding the scenario here: we have two
>>>> CDNs
> 
>>>> A and B, and some switching service in front, so that when you
> 
>>>> lookup
> 
>>> example.com,
> 
>>>> you get a CNAME to A or B, and then you get the ESNIKeySet
> 
>>> 
> 
>>> (ESNIKeySet is a type you've just invented I guess?)
> 
>>> 
> 
>> 
> 
>> No. I forgot it was named ESNIKeys
> 
>> 
> 
> 
> 
> Phew:-)
> 
> 
> 
>>>> for A or B as
> 
>>>> the case may be. So you're not going to get both ESNIKeys
>>>> values.
> 
>>> 
> 
>>> Yes, that's not the model I had in mind. I don't recall that
>>> having
> 
>>> been written down but maybe I missed it. (Where should I look?)
> 
>>> 
> 
>> 
> 
>> I believe this was discussed in Bangkok during the discussion of
> 
>> problems with the current structure.
> 
> 
> 
> FWIW, I didn't take from that discussion that we only want that model
> to be supported, but it may have passed me by if that was stated.
> 
> 
> 
>>> The model I had in mind was where the hidden site has it's own
>>> DNS
> 
>>> operator but >1 CDN/front-site with each of those having a
>>> private
> 
>>> ESNI value. (And if there's some front-end DNS cleverness, it'd
>>> kick
> 
>>> in when the CNAME from #137 is being chased down.)
> 
>>> 
> 
>> 
> 
>> I don't see how this is conflicts with what I said above, as that
> 
>> server still needs to ensure consistency.
> 
> 
> 
> I don't think mine conflicts with the model you describe, but I do
> think it has different consequences for how we ought structure the
> ESNIKeys stuff.
> 
> 
> 
> To be more specific, say in my model I have example.com and want to
> see ESNI used for www.example.com<http://www.example.com> and I
> publish the zone for example.com including ESNIKeys.
> 
> 
> 
> Now I want browsers to be able to use either cdn1.example or
> cdn2.example to front for www.example.com<http://www.example.com>
> where those are independent CDNs.
> 
> 
> 
> So I need to update my DNS zone periodically whenever one or other
> CDN changes their ESNI public key share.
> 
> In my tiny little case doing this for a few domains, I already have a
> small infrastructure that allows me to do that kind of thing because
> of the need for regular DNSSEC re-signing. (Mine currently works at a
> weekly or daily cadence, but doing it hourly would be fine.)
> 
> 
> 
> I'd like to do that via a simple update to my zone files without
> having to unpack and re-pack the data structures I get from cdn1 or
> cdn2. Now sure, I could write a new tool to munge together what I get
> from the CDNs but that's more work (that could go wrong) and doesn't
> match my current work flows. And I suspect others may operate
> similarly.
> 
> 
> 
> That's what leads me to think that we'd be better off to have
> multi-valued answers when a browser looks up the RRset at
> _esni.www.example.com with each separate value matching one ESNI
> public share (or one CDN, though I'd argue for one share per zone
> file stanza).
> 
> 
> 
> I don't think that conflicts with your model where
> _esni.www.example.com is one or another CNAME at a given moment but
> it does differ from it.
> 
> 
> 
> There is however some dependency on #137 to get what I want I guess
> using the host_pointer to get the privacy benefit of using a CDN. I
> guess I might need to publish yet another ESNI public share that
> matches the private available at the A/AAAA of
> www.example.com<http://www.example.com> as well as those from the CDN
> even though that may get me less privacy benefit compared to browsers
> who go to cdn1 or cdn2. (It's possible that I'm reading
> 
> #137 wrong though, but I read it as supporting the kind of setup I
> describe here.)
> 
> 
> 
>> In any case, the model I am describing has a consistency problem
>> which
> 
>> needs to be addressed.
> 
> 
> 
>>> PS: I nonetheless maintain my points about the current ESNIKeys
> 
>>> structure - it's over generic and over complex and these PRs can
>>> only
> 
>>> make that worse:-)
> 
>>> 
> 
>> 
> 
>> Yes, I am aware this is your opinion, but I don't agree.
> 
> Fair enough:-) Personally I think that if we support the kind of
> model above, such simplifications may well naturally fall out of that
> work but we'll see I guess.
> 
> For example, I think that'd allow re-structuring the ESNIKeys thing
> so the host_pointer in #137 no longer needs to be an extension and
> hence we don't need the concept of mandatory/critical extensions at
> all.
> 
> 
> 
> Cheers,
> 
> S.
> 
> 
> 
> 
> 
> 
> 
>> 
> 
>> -Ekr
> 
>>

v2.23.0 | Report a Bug | By Email