Greetings. The tone in Section 4 about strict privacy seems completely
wrong to me. I recognize that some users really want to be able to
configure strict privacy for themselves, but the text in the section
ignores the fact that if strict privacy cannot be achieved in a
particular session, a user is likely to turn off DNS-over-TLS. The text
here makes opportunistic privacy seem like a weak second cousin, not a
legitimate choice for people who want to encrypt where possible. If a
user sees "you can't use the Internet because of your setting for DNS
over TLS", the result will be less overall privacy than if the document
primarily emphasizes opportunistic privacy, and describes strict privacy
only for those users who are willing to have no Internet connectivity at
some times.
There are many ways that strict privacy can fail. The most obvious one,
which we still see repeatedly, is a name server that forgets to renew
its certificate. There are many others, all of which can be controlled
by an attacker: SRV chains that accidentally get changed, CNAME chains
that change, temporary unavailability of OCSP or CRL information, and so
on. Note that many of these attacks are not on-path between the user and
the name server. An attacker who wants to force users to choose to not
use DNS-over-TLS can block any of these to anger users enough to turn
off DNS-over-TLS.
I propose that Section 4 be completely recast. Keep in all the stuff
about opportunistic allowing on-path attackers to view and modify
traffic, but start with the attitude that most users would prefer the
chance of some encryption but always get Internet service, and that
fewer users would want no Internet service if there is anything wrong
with the authentication. That is, emphasize opportunistic privacy
because it is less fragile and less likely to be later turned off.
I'm not going to write up the full recast unless there is consensus in
the WG to do so. Clearly, I'm not the one to judge that consensus.
Also: why is "hard failure" the fourth bullet describing Opportunistic
Privacy? That would only apply to Strict Privacy, correct?
Even if the WG doesn't want to recast the section to emphasize (what I
consider) the profile more people will want due to its resilience, I
still would like to see the following sentence removed: "Since Strict
Privacy provides the strongest privacy guarantees it is preferable to
Opportunistic Privacy." It is only preferable to people who are willing
to lose all Internet connectivity, not to everyone.
--Paul Hoffman
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
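The two usage profiles the message argues about, Strict and Opportunistic Privacy for DNS-over-TLS, reduce to a small piece of client-side decision logic plus the telemetry an operator would want in order to notice when downgrades are being forced. The following is an added example, not code from the list post or from the draft under discussion; the names `TlsOutcome`, `Profile`, `apply_profile`, `Telemetry` and `downgrade_alert` are assumptions, and the TLS transport is simulated by a constructed sequence of outcomes so the logic runs offline.

```python
"""Decision logic for DNS-over-TLS usage profiles (added example, assumptions
labelled). Strict: authenticated TLS or no service at all. Opportunistic:
authenticated TLS if possible, else unauthenticated TLS, else cleartext."""
from dataclasses import dataclass, field
from enum import Enum
from typing import List, Sequence, Tuple


class TlsOutcome(Enum):
    """What an attempt to reach the resolver over TLS (port 853) produced."""
    AUTHENTICATED = "authenticated"   # handshake OK and server identity verified
    AUTH_FAILED = "auth_failed"       # handshake OK, verification failed (expired
                                      # certificate, OCSP/CRL unavailable, ...)
    UNAVAILABLE = "unavailable"       # no TLS service reachable at all


class Profile(Enum):
    STRICT = "strict"
    OPPORTUNISTIC = "opportunistic"


@dataclass
class SessionResult:
    served: bool          # did the client get DNS service at all?
    encrypted: bool
    authenticated: bool
    reason: str


@dataclass
class Telemetry:
    """Counters an operator can watch: a sustained rise in downgrades (or in
    hard failures for strict clients) points at broken authentication or at
    something blocking TLS, which is exactly the pressure the post describes."""
    sessions: int = 0
    downgrades: int = 0
    hard_failures: int = 0
    events: List[str] = field(default_factory=list)


def apply_profile(profile: Profile, outcome: TlsOutcome, tel: Telemetry) -> SessionResult:
    """Map one TLS attempt to the behaviour the chosen profile mandates."""
    tel.sessions += 1
    if outcome is TlsOutcome.AUTHENTICATED:
        return SessionResult(True, True, True, "authenticated TLS")
    if profile is Profile.STRICT:
        # Strict Privacy: anything short of authenticated TLS is a hard failure.
        tel.hard_failures += 1
        tel.events.append(f"strict: no service ({outcome.value})")
        return SessionResult(False, False, False, f"hard failure: {outcome.value}")
    # Opportunistic Privacy: keep serving, but record every downgrade.
    tel.downgrades += 1
    if outcome is TlsOutcome.AUTH_FAILED:
        tel.events.append("opportunistic: unauthenticated TLS (auth failed)")
        return SessionResult(True, True, False, "unauthenticated TLS")
    tel.events.append("opportunistic: cleartext fallback (TLS unavailable)")
    return SessionResult(True, False, False, "cleartext DNS")


def downgrade_fraction(tel: Telemetry) -> float:
    return tel.downgrades / tel.sessions if tel.sessions else 0.0


def downgrade_alert(tel: Telemetry, threshold: float = 0.2) -> bool:
    """Hypothetical alerting rule: downgrades above `threshold` of sessions
    are treated as a signal worth investigating rather than as noise."""
    return downgrade_fraction(tel) > threshold


def simulate(profile: Profile, outcomes: Sequence[TlsOutcome]) -> Tuple[List[SessionResult], Telemetry]:
    tel = Telemetry()
    return [apply_profile(profile, o, tel) for o in outcomes], tel


# Constructed outcome sequence (not observed data): two clean sessions, then an
# expired certificate (AUTH_FAILED) twice, then port 853 blocked (UNAVAILABLE).
SAMPLE_OUTCOMES = [
    TlsOutcome.AUTHENTICATED, TlsOutcome.AUTHENTICATED,
    TlsOutcome.AUTH_FAILED, TlsOutcome.AUTH_FAILED,
    TlsOutcome.UNAVAILABLE,
]

if __name__ == "__main__":
    for p in Profile:
        results, tel = simulate(p, SAMPLE_OUTCOMES)
        served = sum(r.served for r in results)
        print(f"{p.value}: served {served}/{len(results)}, "
              f"downgrade fraction {downgrade_fraction(tel):.2f}, "
              f"alert={downgrade_alert(tel)}")
        for e in tel.events:
            print("   ", e)
```

Running it on the constructed sequence shows the trade-off in numbers: the strict client loses service for three of five sessions, while the opportunistic client is served every time but spends three sessions either unauthenticated or in cleartext. The telemetry is the part a defender cares about: a resolver fleet running opportunistic clients can still detect a downgrade campaign, because the downgrade fraction jumps, whereas users of a strict client who respond by switching DNS-over-TLS off produce no such signal at all.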