Of interest to this WG, because some of the items that were previously discussed for DNSOP are now in the new WG.
--Paul Hoffman Begin forwarded message: > From: The IESG <iesg-secret...@ietf.org> > Subject: WG Action: Formed DNS PRIVate Exchange (dprive) > Date: October 17, 2014 at 8:29:04 AM PDT > To: IETF-Announce <ietf-annou...@ietf.org> > Cc: dprive WG <dns-priv...@ietf.org> > Reply-To: i...@ietf.org > > A new IETF working group has been formed in the Internet Area. For > additional information please contact the Area Directors or the WG > Chairs. > > DNS PRIVate Exchange (dprive) > ------------------------------------------------ > Current Status: Proposed WG > > Chairs: > Tim Wicinski <tjw.i...@gmail.com> > Warren Kumari <war...@kumari.net> > > Assigned Area Director: > Brian Haberman <br...@innovationslab.net> > > Mailing list > Address: dns-priv...@ietf.org > To Subscribe: https://www.ietf.org/mailman/listinfo/dns-privacy > Archive: http://www.ietf.org/mail-archive/web/dns-privacy/ > > Charter: > > The DNS PRIVate Exchange (DPRIVE) Working Group develops mechanisms to > provide confidentiality to DNS transactions, to address concerns > surrounding pervasive monitoring (RFC 7258). > > > The set of DNS requests that an individual makes can provide an > attacker with a large amount of information about that individual. > DPRIVE aims to deprive the attacker of this information. (The IETF > defines pervasive monitoring as an attack [RFC7258]) > > > The primary focus of this Working Group is to develop mechanisms that > provide confidentiality between DNS Clients and Iterative Resolvers, > but it may also later consider mechanisms that provide confidentiality > between Iterative Resolvers and Authoritative Servers, or provide > end-to-end confidentiality of DNS transactions. Some of the results of > this working group may be experimental. The Working Group will also > develop an evaluation document to provide methods for measuring the > performance against pervasive monitoring; and how well the goal is met. > The Working Group will also develop a document providing example > assessments for common use cases. > > > DPRIVE is chartered to work on mechanisms that add confidentiality to > the DNS. While it may be tempting to solve other DNS issues while > adding confidentiality, DPRIVE is not the working group to do this. > DPRIVE will not work on any integrity-only mechanisms. > > > Examples of the sorts of risks that DPRIVE will address can be found > in [draft-bortzmeyer-dnsop-dns-privacy], and include both passive > wiretapping and more active attacks, such as MITM attacks. DPRIVE will > address risks to end-users' privacy (for example, which websites an > end user is accessing). > > > > Some of the main design goals (in no particular order) are: > > > - Provide confidentiality to DNS transactions (for the querier). > > > - Maintain backwards compatibility with legacy DNS implementations. > > > - Require minimal application-level changes. > > > - Require minimal additional configuration or effort from applications or > users > > Milestones: > Dec 2014 - WG LC on an problem statement document > Mar 2015 - WG selects one or more primary protocol directions > Jul 2015 - WG LC on primary protocol directions > > _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop