> On 2 Jan 2020, at 06:45, S Moonesamy <[email protected]> wrote: > > Hello, > > There are currently four (IETF) working groups focused on DNS with three of > them having privacy as part of their charter. I read > draft-ietf-dprive-rfc7626-bis-03 as I was looking for a document which might > be related to those topics.
Comments here are based on the content of the -04 draft. > > Section 1 of the draft has a tutorial of how DNS works. What is the audience > for this draft? > > Section 3.1 of the draft discusses about the claim that "the data in the DNS > is public". The claim is supported [1] by one of the authors of the draft. > The draft states that the claim makes sense. What is the meaning of the > "data in the DNS"? Does "is public" mean that the "data" is not confidential? Both previously answered by Stephane. > > Section 3.2 discusses what a user does and use a DNS query related to email > as an example. Is the MUA expected to validated the MX RR or is it the role > of the MSA? I think questions of validation are out of scope for this draft. > > Section 3.4.1 discusses the lack of confidentiality in the design of DNSSEC > and equates privacy-aware with "secured against surveillance". Mixing the > pervasive monitoring and privacy aspects creates ambiguity. For example, > encrypting all the entire DNS communication chain with adequate security > mechanisms could mitigate pervasive monitoring concerns. However, that does > not address privacy concerns as there is still entities which are able to > collect and process those DNS queries for secondary purposes. The draft contains sections on both the wire encryption (3.4) and handling of data in the servers (3.5) which between them cover these two aspects. Do you have a specific suggestion for changes to the draft? > > The choice of resolvers was previously made by the network on which the user > was connected. Recently, the Internet Engineering Steering Group approved > the standardization of a mechanism so that the choice can be made by a web > browser. The data from the DNS query is, with some exceptions, automatically > transferred to a foreign jurisdiction. The draft mentions in Section 3.5.1.1 > that the entities running networks might have a strong, medium, or weak > privacy policy. However, it misses a crucial aspect with respect to privacy > policies, which is the redress mechanism available to the user. Since such mechanisms would vary at least by region and certainly by organisation so I’m not sure what can be said here. Do you have specific text to suggest on this topic? > > Section 3.5.1.3 states that user privacy can also be at risk if the network > operator blocks access to some remote recursive server. It could be argued > that it might be a filtering (or censorship) technique. However, it does not > have an impact on user privacy unless there is an identifier which can be > traced back to the user. Section 3.5.1.3 states: “User privacy can also be at risk if there is blocking (by local network operators or more general mechanisms) of access to remote recursive servers that offer encrypted transports when the local resolver does not offer encryption and/or has very poor privacy policies." and “This is a form of Rendezvous-Based Blocking as described in Section 4.3 of [RFC7754].” which I think cover both of your issues. Otherwise, please suggest text. > > If I understood Section 3.5.1.5.2. correctly, the move to DNS over HTTPS > created more privacy issues because HTTPS functionality was favored at the > expense of privacy. To quote from Section 3.5.1.5.2: “Utilizing the full set of HTTP features enables DoH to be more than an HTTP tunnel, but it is at the cost of opening up implementations to the full set of privacy considerations of HTTP." > > Section 3.6 of the draft states that the IAB privacy and security program has > some work in progress. Given that it has been over four years, could an > update be provided about that work in progress? Looking back, this text was introduced into the original I-D before RFC7624 was published and wasn’t updated. Suggest: OLD: “The IAB privacy and security program also have a work in progress [RFC7624] that considers such inference-based attacks in a more general framework.” OLD: “The IAB privacy and security program has also produced [RFC7624] that considers such inference-based attacks in a more general framework." > > Section 5 discusses legalities within a European Union context and concluded > that there are no specific laws for DNS data in any country. Did the working > group conduct a worldwide study to find evidence of that? The text says “to our knowledge’; no DPRIVE or IETF review comment to date (or errata to RFC7626) has contradicted this statement so I think it is a fair representation of the community knowledge on this matter. If you are aware of such a law please suggest text. Best regards Sara. _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
