On Mon, Nov 2, 2015 at 4:29 AM, Tim Wicinski <[email protected]> wrote:

>
> (no hats)
>
> With this new version, I think the document is useful and provides a solid
> discussion of how to quantify privacy mechanisms for a DNS implementer who
> is not a security subject matter expert.
>
> tim
>
> On 11/2/15 6:22 PM, Andrew Sullivan wrote:
>
>> Despite my comments against the hum at the mic, I have read this
>> document and think it should certainly be adopted. I just don't want
>> Yet Another Meaningless Commitment. (If you looked before and can't
>> face it again, give it a try. It's much improved.)
>>
>> A
>>
>>
>

This looks useful. I have a few concerns.

https://tools.ietf.org/html/draft-am-dprive-eval-02

pg 3, section 2
"reasability" -> "readability"

Also, these sentences seem redundant:
"The verbatim source of most of those definitions is from [RFC6973], which are included as an aid in reasability."
and
"For the terms from [RFC6973], we include their definitions rather than simply referencing them as an aid to readability."

pg 5, sec 2.4, end of first paragraph:
"In this section, we outline such definitions we further notes on their indications."
That sentence seems incomplete around the word "we". Perhaps "we" -> "with".

pg 12, sec 6, last paragraph, "Composed (Multiple) Mechanisms":
"than either of the two along." -> "than either of the two alone."

pg 14, sec 7.2 says:
"the probability that one query is comes from a given individual is (1/10 = 0.1). The probability that two queries are issued by the same initiator is 0.1^2 = 0.01, which represents the linkability probability. The unlinkability probability is given as 1-0.01 = 0.99."

Does "same initiator" mean "a given individual"?
Or just "second packet is from same initiator as the first packet"?

I think we should distinguish between linking to an initiator and linking between packets:
-- The probability that two queries are issued by "a given individual" is 0.1^2 = 0.01
-- The probability that two queries are issued by the same initiator, meaning the second packet is from the same initiator as the first, is 0.1.

pg 17, sec 7.4
I am not familiar with the details of IPSEC, but from the text it appears to hide the port number. But does it hide the destination IP? If not, and if most DNS resolvers have a separate IP from other services, then "undetectability" is very low, since any communication with the IP of the DNS resolver is most likely a DNS query. (For purposes of the illustration, perhaps you should clearly state that you are assuming a resolver on a shared IP that does much more than just DNS resolution.)

--
Bob Harold
