On Thu, Apr 23, 2015 at 09:49:32AM +0200, Simon Josefsson wrote:
> > I agree that DNSCurve is the best solution.
>
> I didn't say that. I believe DNSCurve and DNS-over-(D)TLS are somewhat
> different, and which is best depends on what you appreciate.
> DNS-over-(D)TLS is to me clearly the best answer for stub resolvers
> talking to an iterative resolver, which appears to be the focus of this
> WG's charter.
>
> I'll update my position on WG adoption a bit:
>
> I support adopting DNS-over-TLS but urge the WG to adopt DNS-over-DTLS
> at the same time, and make consistency between them a requirement.
> Having both with different TLS-related security semantics would be a
> disaster. In fact, I would suggest that these two documents are merged
> into one. There is (or, rather, should be) more in common between these
> documents than what separates them.
- Can one resume sessions across protocols (resume a UDP session as a TCP
  session or vice versa)?
- Does DNS-over-DTLS need some sort of channel identifier in queries (taking
  the place of the 5-tuple)? To deal with things like client IP address/port
  range changes or the client socket being dropped.[1]
- Also, whereas 53/TCP is surprisingly clean,[2] 53/UDP has lots of bad stuff
  going on, sometimes even with packets not destined to the middleboxes.[3][4]
  How bad is that problem?

Also, some problems with (D)TLS:

- No length hiding: There is no defined mechanism for length hiding (which is
  needed unless one can pad at the DNS level). I think there has been at least
  one proposal, though.
- Complexity: Enormously complicated. TLS libraries are almost invariably junk
  for one reason or another.
- Insecure configs: Most TLS usage is insecure due to use of legacy junk. One
  could address this by aggressively profiling down the usage.

[1] That sort of stuff would kill a TCP connection anyway, and TCP connections
    are so heavyweight that using resumption is feasible.
[2] Then again, most TCP ports are pretty clean, with only a few exceptions (I
    think at most 10 or so).
[3] IIRC, some ISP dropped all outgoing 53/UDP packets with the QR bit [3rd
    byte MSB] set (and similarly all incoming 53/UDP packets with the QR bit
    clear). This was to deal with amplification attacks.
[4] Assorted DNS forwarders are infamous for having all sorts of weird
    interpretations of DNS (despite the fact that dumb forwarding based on
    ID/port would work).

-Ilari

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
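The following is an added example, not part of Ilari's post or of any IETF draft: a small Python model of the middlebox rule described in footnote [3] (drop outgoing 53/UDP packets whose QR bit, the MSB of the third byte, is set; drop incoming ones with QR clear), run over packets constructed inline: a plain DNS query, its response, and DTLS records of the kind DNS-over-DTLS would put on the same port. Header layouts follow RFC 1035 (DNS) and RFC 6347 (DTLS 1.2); the filter logic and the sample packets are constructed for illustration. The point it shows is that the DTLS record header places the protocol version (0xFEFD for DTLS 1.2, 0xFEFF for DTLS 1.0) in bytes 1 and 2, so byte 2 always has its top bit set and such a filter would drop every outgoing DTLS record, which gives one concrete answer to "how bad is that problem".

```python
"""Added example, not from the original post: model the ISP rule described in
footnote [3] and apply it to constructed packets.  Header layouts follow
RFC 1035 (DNS header) and RFC 6347 (DTLS 1.2 record header)."""
import struct

DNS_HEADER = struct.Struct("!HHHHHH")  # ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
QR_MASK = 0x8000                       # QR is the top bit of FLAGS, i.e. MSB of byte 2


def encode_name(qname: str) -> bytes:
    """Wire-format a domain name as length-prefixed labels plus the root terminator."""
    labels = [label for label in qname.rstrip(".").split(".") if label]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_dns_query(qname: str, txid: int = 0x1234) -> bytes:
    """Minimal query: QR=0, RD=1, one A/IN question, no EDNS."""
    flags = 0x0100
    return DNS_HEADER.pack(txid, flags, 1, 0, 0, 0) + encode_name(qname) + struct.pack("!HH", 1, 1)


def build_dns_response(query: bytes) -> bytes:
    """Minimal response: same ID, QR=1, question echoed, no answer records."""
    txid, flags, qd, an, ns, ar = DNS_HEADER.unpack_from(query)
    return DNS_HEADER.pack(txid, flags | QR_MASK, qd, an, ns, ar) + query[DNS_HEADER.size:]


def build_dtls_record(payload: bytes, version: int = 0xFEFD, epoch: int = 1, seq: int = 1) -> bytes:
    """DTLS record header: type(1) version(2) epoch(2) sequence(6) length(2).
    version 0xFEFD is DTLS 1.2, 0xFEFF is DTLS 1.0; content type 23 is
    application_data.  The payload is a constructed placeholder for ciphertext."""
    return (struct.pack("!BHH", 23, version, epoch)
            + seq.to_bytes(6, "big")
            + struct.pack("!H", len(payload))
            + payload)


def qr_bit(packet: bytes) -> int:
    """What a naive middlebox reads as QR: the MSB of the third byte (index 2)."""
    return (packet[2] >> 7) & 1


def middlebox_allows(packet: bytes, direction: str) -> bool:
    """The footnote-[3] rule: outgoing traffic must look like queries (QR=0),
    incoming traffic like responses (QR=1), judged by that one bit alone."""
    if direction not in ("outgoing", "incoming"):
        raise ValueError(direction)
    return qr_bit(packet) == (0 if direction == "outgoing" else 1)


def classify() -> dict:
    """Run the rule over the constructed packets; True means the packet passes."""
    query = build_dns_query("example.com")
    response = build_dns_response(query)
    dtls12 = build_dtls_record(b"\x00" * 32)                   # byte 2 = 0xFD
    dtls10 = build_dtls_record(b"\x00" * 32, version=0xFEFF)   # byte 2 = 0xFF
    return {
        "plain query, outgoing": middlebox_allows(query, "outgoing"),
        "plain response, incoming": middlebox_allows(response, "incoming"),
        "spoofed response, outgoing": middlebox_allows(response, "outgoing"),
        "DTLS 1.2 record, outgoing": middlebox_allows(dtls12, "outgoing"),
        "DTLS 1.0 record, outgoing": middlebox_allows(dtls10, "outgoing"),
        "DTLS 1.2 record, incoming": middlebox_allows(dtls12, "incoming"),
    }


if __name__ == "__main__":
    for label, allowed in classify().items():
        print(f"{label:28s} {'pass' if allowed else 'DROP'}")
```

Only the two plain DNS cases and the inbound DTLS record pass; the amplification-defence rule drops every outbound DTLS record regardless of what it carries, because the version field, not a QR bit, sits at byte 2. A middlebox that inspects the rest of the header as a DNS forwarder would (footnote [4]) fares no better, since the DTLS epoch and sequence bytes occupy the positions of the DNS count fields.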
