Nicholas Weaver wrote:
> ...
>
> One important observation:  ONLY the path between the client and the 
> recursive resolver in the classic model substantially benefits from channel 
> security.

if i were proposing a secrecy scheme that was easy to do on
stub-to-recursive but hard to do on recursive-to-authority, then i'd be
looking very much harder at the benefits of recursive-to-authority.
however, what i'm proposing is no easier to do in one case than the
other, and so any purported difference in benefit is outweighed by the
lack of difference in the cost. pay once, benefit twice, is good
engineering economics as far as i'm concerned.

> ...
>
> Even if you wave a magic wand and all resolver<->authority communication 
> becomes protected with 0-cost, 100% perfect data encryption, basic traffic 
> analysis will largely be able to determine which domains are being looked up. 
>  Individual names within the domain are protected, but that is relatively 
> minor.
>
> The other problem is DNS is used to guide endpoint communication.  Between 
> the resolver<->authority information leak, and the actual IP selected by the 
> endpoint itself for communication, this allows a nation-state observer 
> adversary to pretty much recover what the hostname was in question in many 
> cases, and at least the domain in almost all cases.

i wish it noted that i am responding to the general post-snowden call
for channel secrecy, and that i don't myself see much need for it in the
case of DNS, but that the proposals i've seen come out of the security
community for how to add channel secrecy to DNS are alarming in their
lack of understanding of what DNS is, how large DNS is, and how DNS
works. therefore, i'm attempting to isolate the cases which might be
relevant to somebody, i am drumming up a definition of "dissident", and
crafting a proposal that would protect that mythical person's interests.

the fact that the QNAME can be recovered in many cases by a well
resourced nation-state actor is meaningless here, since that
surveillance would have to be targeted, and would be both inaccurate and
expensive; whereas the surveillance i'm solving for is the ubiquitous
kind, which is presently very accurate and very cheap.

vixie
_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area