Hi Ravi, Seems like this was stuck in your outbox and sent a duplicate email to the one from August 10?
Tommy > On Aug 10, 2022, at 1:40 AM, Ravi sankar MANTHA > <[email protected]> wrote: > > Hi, > > In Section 6.2 of RFC 9230, its mentioned that SetupBaseS takes only 2 > parameters (pkR, "odoh query") > > However, reference implementations are indeed using a randomiser from client > side. > > enc, ctxI, err := hpke.SetupBaseS(suite, rand.Reader, pkR, > []byte(ODOH_LABEL_QUERY)) > (https://github.com/cloudflare/odoh-go/blob/7c6d9ff448c53e0e546f2afe915ad9608e11f7bd/odoh.go#L471) > > This has an implication on target implementations, > > If Targets assume the randomizer is not present in shared secret derivation, > then Context is unique for Target Public Key and they may choose not to > store/derive it per message per Public Key. > > If random seed is present, then contexts are unique only per message (DSN > Query). > > So, this has an interoperability impact as Encrypt/Decrypt fails for Query > Responses if wrong shared key/Context is used on Target side. > > IMHO, we might need to clarify this in RFC either by updating pseudocode for > SetupBaseS or add a note that Target should derive shared secret/Context with > every oblivious DNS query. Or its implicit somewhere in the RFC ? > > Regards, > > Ravi Mantha > > > > > _______________________________________________ > dns-privacy mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/dns-privacy
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
