| draft-ietf-dnsop-qname-minimisation-05.txt | draft-ietf-dnsop-qname-minimisation-06.txt | |||
|---|---|---|---|---|
| Domain Name System Operations (dnsop) Working Group S. Bortzmeyer | Domain Name System Operations (dnsop) Working Group S. Bortzmeyer | |||
| Internet-Draft AFNIC | Internet-Draft AFNIC | |||
| Intended status: Experimental August 1, 2015 | Intended status: Experimental October 5, 2015 | |||
| Expires: February 2, 2016 | Expires: April 7, 2016 | |||
| DNS query name minimisation to improve privacy | DNS query name minimisation to improve privacy | |||
| draft-ietf-dnsop-qname-minimisation-05 | draft-ietf-dnsop-qname-minimisation-06 | |||
| Abstract | Abstract | |||
| This document describes one of the techniques that could be used to | This document describes one of the techniques that could be used to | |||
| improve DNS privacy (see [I-D.ietf-dprive-problem-statement]), a | improve DNS privacy (see [RFC7626]), a technique called "QNAME | |||
| technique called "QNAME minimisation", where the DNS resolver no | minimisation", where the DNS resolver no longer sends the full | |||
| longer sends the full original QNAME to the upstream name server. | original QNAME to the upstream name server. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on February 2, 2016. | This Internet-Draft will expire on April 7, 2016. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2015 IETF Trust and the persons identified as the | Copyright (c) 2015 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 26 | skipping to change at page 2, line 26 | |||
| 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 10.1. Normative References . . . . . . . . . . . . . . . . . . 8 | 10.1. Normative References . . . . . . . . . . . . . . . . . . 8 | |||
| 10.2. Informative References . . . . . . . . . . . . . . . . . 8 | 10.2. Informative References . . . . . . . . . . . . . . . . . 8 | |||
| 10.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 10.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| Appendix A. An algorithm to find the zone cut . . . . . . . . . 9 | Appendix A. An algorithm to find the zone cut . . . . . . . . . 9 | |||
| Appendix B. Alternatives . . . . . . . . . . . . . . . . . . . . 10 | Appendix B. Alternatives . . . . . . . . . . . . . . . . . . . . 10 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 1. Introduction and background | 1. Introduction and background | |||
| The problem statement is exposed in | The problem statement is exposed in [RFC7626]. The terminology | |||
| [I-D.ietf-dprive-problem-statement]. The terminology ("QNAME", | ("QNAME", "resolver", etc) is also defined in this companion | |||
| "resolver", etc) is also defined in this companion document. This | document. This specific solution is not intended to fully solve the | |||
| specific solution is not intended to fully solve the DNS privacy | DNS privacy problem; instead, it should be viewed as one tool amongst | |||
| problem; instead, it should be viewed as one tool amongst many. | many. | |||
| It follows the principle explained in section 6.1 of [RFC6973]: the | It follows the principle explained in section 6.1 of [RFC6973]: the | |||
| less data you send out, the fewer privacy problems you'll get. | less data you send out, the fewer privacy problems you'll get. | |||
| Under current practice, when a resolver receives the query "What is | Under current practice, when a resolver receives the query "What is | |||
| the AAAA record for www.example.com?", it sends to the root (assuming | the AAAA record for www.example.com?", it sends to the root (assuming | |||
| a cold resolver, whose cache is empty) the very same question. | a cold resolver, whose cache is empty) the very same question. | |||
| Sending the full QNAME to the authoritative name server is a | Sending the full QNAME to the authoritative name server is a | |||
| tradition, not a protocol requirement. This tradition | tradition, not a protocol requirement. This tradition comes | |||
| comes[mockapetris-history] from a desire to optimize the number of | [mockapetris-history] from a desire to optimize the number of | |||
| requests, when the same name server is authoritative for many zones | requests, when the same name server is authoritative for many zones | |||
| in a given name (something which was more common in the old days, | in a given name (something which was more common in the old days, | |||
| where the same name servers served .com and the root) or when the | where the same name servers served .com and the root) or when the | |||
| same name server is both recursive and authoritative (something which | same name server is both recursive and authoritative (something which | |||
| is strongly discouraged now). Whatever the merits of this choice at | is strongly discouraged now). Whatever the merits of this choice at | |||
| this time, the DNS is quite different now. | this time, the DNS is quite different now. | |||
| 2. QNAME minimisation | 2. QNAME minimisation | |||
| The idea is to minimise the amount of data sent from the DNS resolver | The idea is to minimise the amount of data sent from the DNS resolver | |||
| skipping to change at page 4, line 5 | skipping to change at page 4, line 4 | |||
| Note that DNSSEC-validating resolvers already have access to this | Note that DNSSEC-validating resolvers already have access to this | |||
| information, since they have to know the zone cut (the DNSKEY record | information, since they have to know the zone cut (the DNSKEY record | |||
| set is just below, the DS record set just above). | set is just below, the DS record set just above). | |||
| 3. Possible issues | 3. Possible issues | |||
| QNAME minimisation is legal, since the original DNS RFC do not | QNAME minimisation is legal, since the original DNS RFC do not | |||
| mandate sending the full QNAME. So, in theory, it should work | mandate sending the full QNAME. So, in theory, it should work | |||
| without any problems. However, in practice, some problems may occur | without any problems. However, in practice, some problems may occur | |||
| (see an analysis in [huque-qnamemin]). | (see an analysis in [huque-qnamemin] and an interesting discussion in | |||
| [huque-qnamestorify]). | ||||
| Some broken name servers do not react properly to qtype=NS requests. | Some broken name servers do not react properly to qtype=NS requests. | |||
| For instance, some authoritative name servers embedded in load | For instance, some authoritative name servers embedded in load | |||
| balancers reply properly to A queries but send REFUSED to NS queries. | balancers reply properly to A queries but send REFUSED to NS queries. | |||
| This behaviour is a gross protocol violation, and there is no need to | This behaviour is a gross protocol violation, and there is no need to | |||
| stop improving the DNS because of such brokenness. However, QNAME | stop improving the DNS because of such brokenness. However, QNAME | |||
| minimisation may still work with such domains since they are only | minimisation may still work with such domains since they are only | |||
| leaf domains (no need to send them NS requests). Such setup breaks | leaf domains (no need to send them NS requests). Such setup breaks | |||
| more than just QNAME minimisation. It breaks negative answers, since | more than just QNAME minimisation. It breaks negative answers, since | |||
| the servers don't return the correct SOA, and it also breaks anything | the servers don't return the correct SOA, and it also breaks anything | |||
| skipping to change at page 8, line 10 | skipping to change at page 8, line 10 | |||
| advantages (besides privacy) to QNAME minimisation. Thanks to | advantages (besides privacy) to QNAME minimisation. Thanks to | |||
| Phillip Hallam-Baker for the fallback on A queries, to deal with | Phillip Hallam-Baker for the fallback on A queries, to deal with | |||
| broken servers. Thanks to Robert Edmonds for an interesting anti- | broken servers. Thanks to Robert Edmonds for an interesting anti- | |||
| pattern. | pattern. | |||
| 10. References | 10. References | |||
| 10.1. Normative References | 10.1. Normative References | |||
| [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", | [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", | |||
| STD 13, RFC 1034, November 1987. | STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, | |||
| <http://www.rfc-editor.org/info/rfc1034>. | ||||
| [RFC1035] Mockapetris, P., "Domain names - implementation and | [RFC1035] Mockapetris, P., "Domain names - implementation and | |||
| specification", STD 13, RFC 1035, November 1987. | specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, | |||
| November 1987, <http://www.rfc-editor.org/info/rfc1035>. | ||||
| [RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., | [RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., | |||
| Morris, J., Hansen, M., and R. Smith, "Privacy | Morris, J., Hansen, M., and R. Smith, "Privacy | |||
| Considerations for Internet Protocols", RFC 6973, July | Considerations for Internet Protocols", RFC 6973, DOI | |||
| 2013. | 10.17487/RFC6973, July 2013, | |||
| <http://www.rfc-editor.org/info/rfc6973>. | ||||
| [I-D.ietf-dprive-problem-statement] | [RFC7626] Bortzmeyer, S., "DNS Privacy Considerations", RFC 7626, | |||
| Bortzmeyer, S., "DNS privacy considerations", draft-ietf- | DOI 10.17487/RFC7626, August 2015, | |||
| dprive-problem-statement-06 (work in progress), June 2015. | <http://www.rfc-editor.org/info/rfc7626>. | |||
| 10.2. Informative References | 10.2. Informative References | |||
| [RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS | [RFC2181] Elz, R. and R. Bush, "Clarifications to the DNS | |||
| Specification", RFC 2181, July 1997. | Specification", RFC 2181, DOI 10.17487/RFC2181, July 1997, | |||
| <http://www.rfc-editor.org/info/rfc2181>. | ||||
| [RFC6982] Sheffer, Y. and A. Farrel, "Improving Awareness of Running | [RFC6982] Sheffer, Y. and A. Farrel, "Improving Awareness of Running | |||
| Code: The Implementation Status Section", RFC 6982, July | Code: The Implementation Status Section", RFC 6982, DOI | |||
| 2013. | 10.17487/RFC6982, July 2013, | |||
| <http://www.rfc-editor.org/info/rfc6982>. | ||||
| [I-D.wkumari-dnsop-hammer] | [I-D.wkumari-dnsop-hammer] | |||
| Kumari, W., Arends, R., Woolf, S., and D. Migault, "Highly | Kumari, W., Arends, R., Woolf, S., and D. Migault, "Highly | |||
| Automated Method for Maintaining Expiring Records", draft- | Automated Method for Maintaining Expiring Records", draft- | |||
| wkumari-dnsop-hammer-01 (work in progress), July 2014. | wkumari-dnsop-hammer-01 (work in progress), July 2014. | |||
| [I-D.vixie-dnsext-resimprove] | [I-D.vixie-dnsext-resimprove] | |||
| Vixie, P., Joffe, R., and F. Neves, "Improvements to DNS | Vixie, P., Joffe, R., and F. Neves, "Improvements to DNS | |||
| Resolvers for Resiliency, Robustness, and Responsiveness", | Resolvers for Resiliency, Robustness, and Responsiveness", | |||
| draft-vixie-dnsext-resimprove-00 (work in progress), June | draft-vixie-dnsext-resimprove-00 (work in progress), June | |||
| End of changes. 13 change blocks. | ||||
| 25 lines changed or deleted | 31 lines changed or added | |||
This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||