Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-12-02 Thread tjw ietf 
The Call for Adoption has ended and the group has chosen to adopt this
work. Thanks everyone for their input.

The author(s) should upload a new draft with the updated name.

thanks
tim


On Thu, Nov 17, 2016 at 11:42 PM, Warren Kumari  wrote:

> Dear DPRIVE WG,
>
> This starts a Call for Adoption for draft-mayrhofer-dprive-
> padding-profile.
>
> The draft is available here:
> https://datatracker.ietf.org/doc/draft-mayrhofer-dprive-padding-profile/
>
> Please review this draft to see if you think it is suitable for
> adoption by DPRIVE,
> and comments to the list, clearly stating your view.
>
> Please also indicate if you are willing to contribute text, review, etc.
>
> This call for adoption ends Fri 02-Dec-2016.
>
> In addition, to satisfy RFC 6702 ("Promoting Compliance with
> Intellectual Property Rights (IPR)"):
> If you are personally aware of any IPR that applies to
> draft-mayrhofer-dprive-padding-profile, has this IPR been disclosed in
> compliance with IETF IPR rules? (See RFCs 3979, 4879, 3669, and 5378
> for more details.)
>
>
> Thanks,
> Warren Kumari
> (as DPRIVE WG co-chair)
> --
> I don't think the execution is relevant when it was obviously a bad
> idea in the first place.
> This is like putting rabid weasels in your pants, and later expressing
> regret at having chosen those particular rabid weasels and that pair
> of pants.
>---maf
>
> ___
> dns-privacy mailing list
> dns-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/dns-privacy
>
___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-28 Thread Bob Harold 
On Mon, Nov 28, 2016 at 6:18 AM, Sara Dickinson  wrote:

>
> > On 18 Nov 2016, at 06:13, Shane Kerr  wrote:
> >
> > Warren,
> >
> > At 2016-11-18 13:42:08 +0900
> > Warren Kumari  wrote:
> >
> >> This starts a Call for Adoption for draft-mayrhofer-dprive-
> padding-profile.
> >>
> >> The draft is available here:
> >> https://datatracker.ietf.org/doc/draft-mayrhofer-dprive-
> padding-profile/
> >>
> >> Please review this draft to see if you think it is suitable for
> >> adoption by DPRIVE,
> >> and comments to the list, clearly stating your view.
> >
> > I have read this draft and support its adoption by DPRIVE.
>
> +1
>
> >
> >> Please also indicate if you are willing to contribute text, review, etc.
> >
> > I am willing to contribute text, and review, and even etc. if necessary.
>
> +1
>
> >
> > 
> >
> > Note there was some discussion today in the working group about the
> > approach that this document takes. The concern is that this seems to be
> > a survey of possible techniques. Personally I think it makes sense to
> > have two documents:
> >
> > 1. A review of all possible approaches (the current document), and
> > 2. Recommendations for implementors (based on pending research and
> >   analysis).
> >
> > If we really only want one document, then probably it should start with
> > recommendations and then include the review of techniques as an
> > appendix.
>
> I happen to favour this second approach of just one document, evolving the
> structure of the draft as the recommendations become clearer.
>
> Sara.
>

I support and will review.  Prefer one doc.

-- 
Bob Harold
___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-28 Thread Sara Dickinson 

> On 18 Nov 2016, at 06:13, Shane Kerr  wrote:
> 
> Warren,
> 
> At 2016-11-18 13:42:08 +0900
> Warren Kumari  wrote:
> 
>> This starts a Call for Adoption for draft-mayrhofer-dprive-padding-profile.
>> 
>> The draft is available here:
>> https://datatracker.ietf.org/doc/draft-mayrhofer-dprive-padding-profile/
>> 
>> Please review this draft to see if you think it is suitable for
>> adoption by DPRIVE,
>> and comments to the list, clearly stating your view.
> 
> I have read this draft and support its adoption by DPRIVE.

+1

> 
>> Please also indicate if you are willing to contribute text, review, etc.
> 
> I am willing to contribute text, and review, and even etc. if necessary.

+1 

> 
> 
> 
> Note there was some discussion today in the working group about the
> approach that this document takes. The concern is that this seems to be
> a survey of possible techniques. Personally I think it makes sense to
> have two documents:
> 
> 1. A review of all possible approaches (the current document), and 
> 2. Recommendations for implementors (based on pending research and
>   analysis).
> 
> If we really only want one document, then probably it should start with
> recommendations and then include the review of techniques as an
> appendix.

I happen to favour this second approach of just one document, evolving the 
structure of the draft as the recommendations become clearer. 

Sara. 

___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-27 Thread Warren Kumari 
Reminder -- this CfA concludes on Dec 2nd.

W

On Sat, Nov 19, 2016 at 2:48 PM, John Levine  wrote:
> In article  you write:
>>I support the adoption of this document, knowing that there is still a
>>bunch of research that needs to be done before we can specify good
>>profiles.
>
> As I said at the microphone, I'd like to adopt it, and then stall it
> until we have enough research data to narrow down the list of profiles.
>
> R's,
> John
>
> ___
> dns-privacy mailing list
> dns-privacy@ietf.org
> https://www.ietf.org/mailman/listinfo/dns-privacy



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-18 Thread Daniel Kahn Gillmor 
On Fri 2016-11-18 13:42:08 +0900, Warren Kumari  wrote:
> This starts a Call for Adoption for draft-mayrhofer-dprive-padding-profile.
 [...]
> Please also indicate if you are willing to contribute text, review, etc.

As i said in the meeting Friday, I support WG adoption of this document.
Implementors need guidance, and implementations should avoid being
fingerprintable.

nitpick: i think it should be called "dprive-padding-policy" instead of
dprive-padding-profile" so that it's harder to confuse with the
authentication profiles document.

> In addition, to satisfy RFC 6702 ("Promoting Compliance with
> Intellectual Property Rights (IPR)"):
> If you are personally aware of any IPR that applies to
> draft-mayrhofer-dprive-padding-profile, has this IPR been disclosed in
> compliance with IETF IPR rules? (See RFCs 3979, 4879, 3669, and 5378
> for more details.)

I'm unaware of any IPR that applies to this work.

--dkg


signature.asc
Description: PGP signature
___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-18 Thread Francis Dupont 
 In your previous mail you wrote:

>  I support the adoption of this document, knowing that there is still a 
>  bunch of research that needs to be done before we can specify good 
>  profiles.

+1

francis.dup...@fdupont.fr

___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-17 Thread Shane Kerr 
Warren,

At 2016-11-18 13:42:08 +0900
Warren Kumari  wrote:

> This starts a Call for Adoption for draft-mayrhofer-dprive-padding-profile.
> 
> The draft is available here:
> https://datatracker.ietf.org/doc/draft-mayrhofer-dprive-padding-profile/
> 
> Please review this draft to see if you think it is suitable for
> adoption by DPRIVE,
> and comments to the list, clearly stating your view.

I have read this draft and support its adoption by DPRIVE.

> Please also indicate if you are willing to contribute text, review, etc.

I am willing to contribute text, and review, and even etc. if necessary.



Note there was some discussion today in the working group about the
approach that this document takes. The concern is that this seems to be
a survey of possible techniques. Personally I think it makes sense to
have two documents:

1. A review of all possible approaches (the current document), and 
2. Recommendations for implementors (based on pending research and
   analysis).

If we really only want one document, then probably it should start with
recommendations and then include the review of techniques as an
appendix.



I also note two possible issues that I don't think were really
mentioned in the draft:

1. If TCP or some other underlying transport is used which collects DNS
   messages together into a smaller or greater number of packets, it
   may complicate things. At first glance, it seems like this would
   always make an attacker's job harder, but maybe an attacker can do
   things that I might not think of (inducing or otherwise controlling
   delay? forcing retries?). I don't know what to say about this, but
   maybe smarter people on this list have ideas?

2. Timing analysis is still possible even if every message is padded to
   64 kibibyte. Personally I think that this sort of analysis should
   NOT be considered in this draft (or drafts), but rather deferred to
   later work.



Finally, I noticed that someone mentioned that even with a obfuscated
session that the source & destination IP addresses of the servers
involved are still known. This is indeed a problem, but to solve it
means we would need to consider some of the approaches taken by the
various privacy networks like Tor, i2p, GNUnet, or the like.

We are so far from a world where we have any privacy in DNS that I
think we need to focus on the problems that we can actually come close
to solving in the near- or medium-term. But maybe it is worth
considering a research group in the IRTF?

Cheers,

--
Shane


pgpgE5yzMLn28.pgp
Description: OpenPGP digital signature
___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-17 Thread Paul Hoffman 
I support the adoption of this document, knowing that there is still a 
bunch of research that needs to be done before we can specify good 
profiles.


--Paul Hoffman

___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

[dns-privacy] Call for Adoption: draft-mayrhofer-dprive-padding-profile

2016-11-17 Thread Warren Kumari 
Dear DPRIVE WG,

This starts a Call for Adoption for draft-mayrhofer-dprive-padding-profile.

The draft is available here:
https://datatracker.ietf.org/doc/draft-mayrhofer-dprive-padding-profile/

Please review this draft to see if you think it is suitable for
adoption by DPRIVE,
and comments to the list, clearly stating your view.

Please also indicate if you are willing to contribute text, review, etc.

This call for adoption ends Fri 02-Dec-2016.

In addition, to satisfy RFC 6702 ("Promoting Compliance with
Intellectual Property Rights (IPR)"):
If you are personally aware of any IPR that applies to
draft-mayrhofer-dprive-padding-profile, has this IPR been disclosed in
compliance with IETF IPR rules? (See RFCs 3979, 4879, 3669, and 5378
for more details.)


Thanks,
Warren Kumari
(as DPRIVE WG co-chair)
-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

___
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy