On 11/2/2014 12:57 PM, Stephane Bortzmeyer wrote:
> A reviewer told me privately that it is not clear, from
> draft-ietf-dprive-problem-statement-00.txt, what are the actual
> considerations/issues/problems. They are mentioned but not highlighted
> enough, he said.
>
> He suggested to add prominent CONSIDERATIONS from time to time, for
> instance when discussing source IP addresses, having:
>
> CONSIDERATION NNN: "exposing source IP addresses of DNS queries raises
> privacy risks"
Passive monitoring records the domain names queried by IP addresses.
This can be used to identify the user behind the address -- finding
quickly the domain names of private mail server, business mail server,
preferred services, etc. Some of that information can be also retrieved
from traffic analysis, but all.
Passive monitoring divulges access to named services, which is more info
than mere IP addresses when the services use shared infrastructure like
CDN or server pools.
Real time passive monitoring enables "automated spoofed response," which
are used to instantiate MITM attacks.
-- Christian Huitema
_______________________________________________
dns-privacy mailing list
https://www.ietf.org/mailman/listinfo/dns-privacy