> On 15 Dec 2018, at 11:37 am, Daniel Kahn Gillmor <[email protected]> wrote:
>
> On Fri 2018-12-14 22:58:09 +0000, Stephen Farrell wrote:
>
>> I'm probably exposing my lack of DNS-clue, but I wonder if it
>> is/isn't possible to embed a "like/want/offer privacy" signal
>> in the DNS protocol, rather than in the data carried by the
>> protocol? (Regardless of whether the latter might be done via
>> funny names or new/additional RRs.)
>
> i think you're suggesting some sort of "starttls"-like mechanism --
> start a DNS connection to an authoritative server, and then the server
> lets you know "hey you might also want to try me in the future via
> private channels"
>
> is that what you're proposing?
>
> if so, it has the unsatisfying aspect common to all starttls-like
> proposals: it can be trivially stripped.

Not if the zone is signed.

> it is also unsatisfying in the DNS world because there typically isn't
> a handshake -- the first packet contains the sensitive data that you
> might want to keep private.

You can't hide that you are talking to a nameserver. Asking for the
nameserver's TLSA record isn't exposing much that is already exposed.

> It could certainly help over the longer term against a passive monitor
> -- the initial privacy leak could be amortized over many future
> communications between the resolver and the authoritative -- but it
> still leaves the first connection to that server unprotected even
> against passive attack, which is something that signalling in the name
> could potentially avoid.
>
> --dkg

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: [email protected]

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
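Added example, not part of the thread or of any ISC code, showing the step Mark alludes to: a resolver forms the TLSA owner name for a nameserver and checks a DNSSEC-validated TLSA record against the certificate the server presents. It assumes DNS over TLS on TCP port 853 (RFC 7858) and RFC 6698 field semantics; the DER blobs are constructed placeholders, and the DNS lookup, DNSSEC validation and TLS handshake are outside the snippet.

```python
import hashlib

# Added example (not from the thread). Assumes DoT on port 853; the
# certificate and SPKI bytes below are constructed placeholders.


def tlsa_owner_name(nameserver: str, port: int = 853, proto: str = "tcp") -> str:
    """Owner name the resolver asks for, e.g. _853._tcp.ns1.example (RFC 6698)."""
    return f"_{port}._{proto}.{nameserver.rstrip('.')}"


def tlsa_matches(usage: int, selector: int, mtype: int, data: bytes,
                 cert_der: bytes, spki_der: bytes) -> bool:
    """Compare one TLSA RDATA tuple with the presented end-entity certificate.

    Only DANE-EE (usage 3) is handled: the record pins the server cert itself.
    selector 0 = full certificate DER, 1 = SubjectPublicKeyInfo DER;
    mtype    0 = exact bytes, 1 = SHA-256 digest, 2 = SHA-512 digest.
    """
    if usage != 3:
        return False                      # PKIX/TA usages need chain checks
    subject = {0: cert_der, 1: spki_der}.get(selector)
    if subject is None:
        return False
    if mtype == 0:
        return subject == data
    if mtype == 1:
        return hashlib.sha256(subject).digest() == data
    if mtype == 2:
        return hashlib.sha512(subject).digest() == data
    return False                          # unknown matching type: unusable


def nameserver_cert_ok(cert_der: bytes, spki_der: bytes, rrset) -> bool:
    """True if any record in rrset matches; rrset is a list of
    (usage, selector, mtype, data) tuples that the caller has already
    validated under DNSSEC. Without a signed zone, an on-path party could
    strip or forge the record, which is the point of "not if the zone is signed".
    """
    return any(tlsa_matches(*rr, cert_der, spki_der) for rr in rrset)


# Constructed placeholder DER blobs standing in for a real cert and its SPKI.
CERT_DER = b"\x30\x82placeholder-certificate-bytes"
SPKI_DER = b"\x30\x59placeholder-spki-bytes"
# The common "3 1 1" form: DANE-EE, SPKI, SHA-256.
RECORD = (3, 1, 1, hashlib.sha256(SPKI_DER).digest())
```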
