On 27/02/15 15:09, Warren Kumari wrote:
> I don't have any suggested text, nor do I know if anything should go
> in *this* doc, but if we mention the pattern attack, perhaps we should
> mention timing as well?

FWIW, I'm not sure. I don't think this'd count as a problem with current DNS, except maybe in a really weird case where the adversary can see ciphertext packets inside an IPsec VPN and DNS queries in clear outside? Otherwise, it'd be like a non-constant time crypto implementation and something to bring up in the context of a specific solution proposal.

If one did want to include text, I guess there are references to how equivalent timing correlations have been seen in Tor that could be used to identify a source. (I'm not sure if that's been done in the wild against Tor or only in lab studies though.)

On balance I'd say maybe leave that one for solution docs but I'd also not object if text like that was added as a security consideration. (I could imagine the editor might be wary of that though, in case it's the start of a slippery slope;-)

Cheers
S.

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
