On Wed, Nov 18, 2015 at 10:45 PM, Stephane Bortzmeyer <[email protected]> wrote:
> On Wed, Nov 18, 2015 at 11:30:53AM +1300,
>  Alex Mayrhofer <[email protected]> wrote
>  a message of 207 lines which said:
>
>> - I think we should stick with requiring 0x00 padding (I am avoiding
>> the term 'payload' here for a reason). This would prevent the abuse
>> as a covert channel,
>
> -1 for me. I agree with Mark Andrews that "preventing the use as a
> covert channel" is a non-goal (you cannot prevent two willing entities
> from setting up anything as a covert channel).
<no hats>
I agree with Stephane here. If someone wants to use this as a covert channel between e.g. stub and recursive, they would need some manner to get information into the padding section when sending, and then extract it on the other end. This means that they have control of these endpoints, and so can do basically whatever they want. They can hide stuff in the QNAME, they can stuff it anywhere else in the DNS packet, or they could just use some other protocol that looks nothing like DNS. This all gets wrapped in TLS, and so middleboxes / anything other than the sender and receiver cannot check to see if the padding is being used as a covert channel, if the stuff looks anything like DNS at all.

Much of this seems like: Don't test for an error condition you don't know how to handle. So, I really don't think that the receiver should check this field (a well-behaved receiver will ignore this field, a malicious one isn't going to care what we put in an RFC).

I also think (but am not sure) that the sender should pad with random stuff[0] to prevent issues with "accidental" compression. Yes, we can say that compression MUST be disabled, but will all implementations follow this? The way many people write software is "look for something kind of similar on stackexchange and fiddle with it till it compiles". None of the easy examples I could find mention compression - e.g.: http://stackoverflow.com/questions/5009271/any-good-examples-on-programming-using-libssl, https://wiki.openssl.org/index.php/Libcrypto_API, etc.

I suspect I'm in the rough on this.

W

[0]: Massive handwave here.
</no hats>

> _______________________________________________
> dns-privacy mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dns-privacy

--
I don't think the execution is relevant when it was obviously a bad idea in the first place.
This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants.
---maf
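The two points argued in the message above (the receiver should read the Padding option's length and ignore its contents; zero fill is "accidentally" compressible in a way random fill is not) are easy to make concrete. The following is an added example written for this page, not code from any participant in the thread or from any DNS implementation. It builds a bare DNS query, appends an EDNS(0) OPT RR carrying a Padding option (option code 12, the code point later assigned in RFC 7830) with either 0x00 or random fill so the message is a multiple of a chosen block size, parses the option back out without looking at the bytes, and measures what a compressor such as zlib would do to each variant. The block size of 128, the transaction ID and the UDP payload size of 4096 are arbitrary choices made here.

```python
import os
import struct
import zlib

OPT_TYPE = 41              # EDNS(0) OPT pseudo-RR type
PADDING_OPTION_CODE = 12   # EDNS(0) Padding option code (RFC 7830)
OPT_FIXED_LEN = 11         # root name (1) + TYPE (2) + CLASS (2) + TTL (4) + RDLEN (2)
OPTION_HDR_LEN = 4         # OPTION-CODE (2) + OPTION-LENGTH (2)


def encode_name(qname):
    """Wire-format a domain name as length-prefixed labels, no compression pointers."""
    out = b""
    for label in qname.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(qname, qtype=1, txid=0x1234):
    """Bare query: 12-byte header (RD set, ARCOUNT 0) plus one question, no OPT RR yet."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    question = encode_name(qname) + struct.pack("!HH", qtype, 1)
    return header + question


def pad_query(query, block=128, fill="zero"):
    """Append an OPT RR with a Padding option so the whole message is a multiple of `block`.

    fill="zero" is the 0x00 padding discussed in the thread; fill="random" is the
    alternative the poster floats. The receiver is not supposed to care which one it got.
    """
    base_len = len(query) + OPT_FIXED_LEN + OPTION_HDR_LEN
    pad_len = (-base_len) % block
    if fill == "zero":
        padding = bytes(pad_len)
    elif fill == "random":
        padding = os.urandom(pad_len)
    else:
        raise ValueError("fill must be 'zero' or 'random'")
    option = struct.pack("!HH", PADDING_OPTION_CODE, pad_len) + padding
    # OPT RR: root name, TYPE=OPT, CLASS=UDP payload size (arbitrary 4096 here), TTL=0, RDATA
    opt_rr = b"\x00" + struct.pack("!HHIH", OPT_TYPE, 4096, 0, len(option)) + option
    header = query[:10] + struct.pack("!H", 1)   # ARCOUNT = 1 for the OPT RR
    return header + query[12:] + opt_rr


def skip_name(msg, off):
    """Advance past a wire-format name (handles a compression pointer, 2 bytes)."""
    while True:
        ln = msg[off]
        if ln == 0:
            return off + 1
        if ln & 0xC0:
            return off + 2
        off += 1 + ln


def padding_length(msg):
    """Receiver side: return the Padding option's declared length, or None if absent.

    The padding bytes themselves are deliberately never inspected, per the argument that
    a well-behaved receiver ignores this field and a malicious one ignores the RFC.
    """
    _txid, _flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype != OPT_TYPE:
            continue
        o = 0
        while o + OPTION_HDR_LEN <= len(rdata):
            code, length = struct.unpack("!HH", rdata[o:o + OPTION_HDR_LEN])
            o += OPTION_HDR_LEN
            if code == PADDING_OPTION_CODE:
                return length
            o += length
    return None


def compressed_size(msg):
    """Size after DEFLATE at max level: a stand-in for 'some layer below us compressed it'."""
    return len(zlib.compress(msg, 9))


if __name__ == "__main__":
    q = build_query("example.com")
    for fill in ("zero", "random"):
        m = pad_query(q, 128, fill)
        print(fill, "padded:", len(m), "bytes, padding option length",
              padding_length(m), "compressed:", compressed_size(m))
```

Running it shows both variants are exactly 128 bytes on the wire and carry the same declared padding length, but the zero-filled one shrinks to a fraction of its size under DEFLATE while the random-filled one does not, which is the whole length-hiding property the padding was meant to buy being lost if anything between the padder and the wire compresses. Note that a parser built this way also behaves identically whether the padding is zeros, random bytes, or something else entirely, which is the practical consequence of not checking the field.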
