On Fri, 04 Jul 2014 20:04:02 -0700 Paul Vixie <[email protected]> wrote:
> first, dns data itself is public -- the data is there for anybody to
> query for it, if you know what to query for. only the question,
> questioner, and time can be kept secret. answers are only worth
> keeping secret because they identify the question, questioner, and
> time.

Hi Paul,

This may traditionally be true, and ideally in the coherent name space world be true, but is not necessarily true. Thanks to views and other so-called DNS tricks, particularly those that are in essence a weak form of authentication (or even a stronger form, such as when attaching TSIG to them), answers that may never otherwise be seen by some subset of clients, or perhaps more correctly are synthesized for some clients, may be candidates for enhanced secrecy. I wouldn't necessarily optimize for or argue to support such uses, just pointing out that they do exist in some corner cases.

> by implication, then, the remainder of possible problem statement
> material is "hide question from on-wire surveillance", there being no
> way to hide the questioner or the time. to further narrow this, the
> prospective on-wire surveillance has to be from third parties who are
> not also operators of on-path dns protocol agents, because any second
> party could be using on-wire surveillance as part of their logging
> solution, and by (2) above there is no way to hide from them. so we're
> left with "hide question from on-wire surveillance by third parties."

This sounds like DNSCurve's approach.

John

_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
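The "views plus TSIG" corner case John describes, shown as a hypothetical BIND 9 named.conf excerpt. This is an added illustration for the thread, not configuration posted by either participant; the zone name example.test, the key name internal-key, the ACL name internal-nets, the file names and the key secret are all placeholders. Clients that sign their queries with the key (or arrive from the listed prefixes) are served the internal view, which carries a record the external view never publishes; an on-wire observer who sees that answer therefore learns which view, and so which class of questioner, produced it.

```conf
// Hypothetical named.conf excerpt (added example, not from the thread).
// Generate a real secret with:  tsig-keygen internal-key
key "internal-key" {
    algorithm hmac-sha256;
    secret "ZHVtbXk=";            // placeholder, base64 of "dummy"; never deploy
};

acl internal-nets { 10.0.0.0/8; 192.168.0.0/16; };   // placeholder prefixes

// View selection happens before the question is answered: a query that
// carries a valid TSIG signature by internal-key, or that originates from
// internal-nets, matches here. Everyone else falls through to "external".
view "internal" {
    match-clients { key internal-key; internal-nets; };
    recursion yes;
    zone "example.test" {
        type master;
        file "zones/example.test.internal";   // publishes intranet.example.test
    };
};

view "external" {
    match-clients { any; };
    recursion no;
    zone "example.test" {
        type master;
        file "zones/example.test.external";   // no intranet.example.test record
    };
};

// Checking the split from a client (key file written by tsig-keygen):
//   dig @ns.example.test intranet.example.test A -k internal-key.key
//   dig @ns.example.test intranet.example.test A      # unsigned: NXDOMAIN
```

The TSIG check authenticates the questioner to the server, not the answer to anyone else, and it does nothing to hide the query or response on the wire. That is the distinction the rest of the thread is drawing: the view mechanism makes the answer itself reveal something about who asked, while the on-wire confidentiality question (DNSCurve's territory) is separate.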
