Oblivious DNS over HTTPS
draft-pauly-dprive-oblivious-doh-11
Document history
Date | Rev. | By | Action |
---|---|---|---|
2022-04-22 | 11 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2022-04-08 | 11 | (System) | RFC Editor state changed to AUTH48 |
2022-03-28 | 11 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2022-02-24 | 11 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2022-02-23 | 11 | (System) | IANA Action state changed to Waiting on RFC Editor from In Progress |
2022-02-23 | 11 | (System) | IANA Action state changed to In Progress from Waiting on Authors |
2022-02-23 | 11 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2022-02-18 | 11 | (System) | RFC Editor state changed to EDIT |
2022-02-18 | 11 | (System) | IANA Action state changed to In Progress |
2022-02-18 | 11 | Adrian Farrel | ISE state changed to Sent to the RFC Editor from In IESG Review |
2022-02-18 | 11 | Adrian Farrel | Sent request for publication to the RFC Editor |
2022-02-18 | 11 | Adrian Farrel | Tag IESG Review Completed set. |
2022-02-17 | 11 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2022-02-17 | 11 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-11.txt |
2022-02-17 | 11 | (System) | New version approved |
2022-02-17 | 11 | (System) | Request for posting confirmation emailed to previous authors: Christopher Wood, Eric Kinnear, Patrick McManus, Tanya Verma, Tommy Pauly |
2022-02-17 | 11 | Tommy Pauly | Uploaded new revision |
2022-01-31 | 10 | Amanda Baber | IANA Review state changed to IANA OK - Actions Needed |
2022-01-31 | 10 | Amanda Baber | (Via drafts-eval@iana.org): IESG/Authors/ISE: The IANA Functions Operator has completed its review of draft-pauly-dprive-oblivious-doh-09. If any part of this review is inaccurate, please let us know. We understand that when this document is sent to us for processing, we will perform a single registry action. IANA will add application/oblivious-dns-message to the media types registry at https://www.iana.org/assignments/media-types after the IESG approves a separate request to register the type. This request has been submitted as a management item for the 2/17 telechat. Thank you, Amanda Baber IANA Operations Manager |
2022-01-31 | 10 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-10.txt |
2022-01-31 | 10 | (System) | New version approved |
2022-01-31 | 10 | (System) | Request for posting confirmation emailed to previous authors: Christopher Wood, Eric Kinnear, Patrick McManus, Tanya Verma, Tommy Pauly |
2022-01-31 | 10 | Tommy Pauly | Uploaded new revision |
2022-01-27 | 09 | Adrian Farrel | ISE state changed to In IESG Review from In ISE Review |
2022-01-27 | 09 | Adrian Farrel | IETF conflict review initiated - see conflict-review-pauly-dprive-oblivious-doh |
2022-01-27 | 09 | Adrian Farrel | draft-pauly-dprive-oblivious-doh has been presented to the ISE for publication as an Experimental RFC on the Independent Stream. ==Purpose== This document describes an experimental protocol that allows clients to hide their IP addresses from DNS resolvers via proxying encrypted DNS over HTTPS (DoH) messages. The protocol is termed "Oblivious DNS over HTTPS". The document contains a dedicated section (section 10) to discuss the scope of the experiment. ==History== This document was discussed in DPRIVE and the question was asked about how to progress the work. The Independent Stream was suggested as an option, and in the absence of a strong push within the WG for adoption, the authors selected the Independent Stream. The document was sent to add@ietf.org by Eliot Lear on 2021-11-01 to raise some discussion points. The document was first brought to the ISE in April 2021 at version -06. Since then it has been revised several times to address review comments. ==Non-IETF Work== The Abstract and the Introduction make the scope of this work clear, stating that the work is an experiment and was developed outside the IETF. ==Security Considerations== The whole document is relevant to Privacy and so security plays a big part. The authors have provided a substantial Security Considerations section to highlight some potential issues and some possible attacks. ==IANA== This document requests IANA to make an assignment of a Media Type from the registry of Multipurpose Internet Mail Extensions (MIME) and Media Types. The assignment policy for that registry is Specification Required with Expert Review. The designated experts for this registry are Ned Freed and Alexey Melnikov. The document contains an adequate request form with the appropriate details. The DEs have not been consulted yet. ==Reviews== This document has been reviewed for the ISE by Mark Nottingham and David Schinazi. The ISE also did a review. The reviews raised a number of points of substance and some editorials all of which have been addressed in updates to the document. Details of the reviews can be retrieved on request. ==Remaining Nits and Edits== There are some nits around the use of BCP 14 language that the authors will resolve in a new revision. ==Points of Discussion== In his email to add@ietf.org, Eliot Lear stated: > Just for the record, I think this draft leads to a situation where > miscreants can hide their tracks. > Section 10.1 of that document is weak. > This has the potential to leave web sites unable to determine who > is attacking them, and also prevents service providers from > backtracing such attacks. > > This demonstrates precisely why an appropriately strong applicability > statement is necessary in any ADD output. This was refuted by Tommy Pauly and independently by Eric Rescorla as: > If someone is attacking the Web site, they will need to actually send > packets to the site, which will either (1) contain their IP or (2) > will be proxied. > In the former case, they can determine who is attacking them and in > the latter case, they can proxy the DNS requests through the proxy and > don't need ODoH, which is primarily a performance improvement over > generic proxying. There was no further debate of this point. |
2022-01-27 | 09 | Adrian Farrel | ISE state changed to In ISE Review from Response to Review Needed |
2022-01-05 | 09 | (System) | Revised ID Needed tag cleared |
2022-01-05 | 09 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-09.txt |
2022-01-05 | 09 | (System) | New version approved |
2022-01-05 | 09 | (System) | Request for posting confirmation emailed to previous authors: Christopher Wood, Eric Kinnear, Patrick McManus, Tanya Verma, Tommy Pauly |
2022-01-05 | 09 | (System) | Request for posting confirmation emailed to previous authors: Christopher Wood, Eric Kinnear, Patrick McManus, Tanya Verma, Tommy Pauly |
2022-01-05 | 09 | Tommy Pauly | Uploaded new revision |
2022-01-05 | 09 | Tommy Pauly | Uploaded new revision |
2022-01-05 | 08 | Adrian Farrel | Tag Revised I-D Needed set. Tag Awaiting Reviews cleared. |
2022-01-05 | 08 | Adrian Farrel | ISE state changed to Response to Review Needed from Finding Reviewers |
2021-12-07 | 08 | Adrian Farrel | Tag Awaiting Reviews set. |
2021-12-06 | 08 | Adrian Farrel | ISE state changed to Finding Reviewers from Response to Review Needed |
2021-12-03 | 08 | (System) | Revised ID Needed tag cleared |
2021-12-03 | 08 | Christopher Wood | New version available: draft-pauly-dprive-oblivious-doh-08.txt |
2021-12-03 | 08 | (System) | New version accepted (logged-in submitter: Christopher Wood) |
2021-12-03 | 08 | Christopher Wood | Uploaded new revision |
2021-11-26 | 07 | Adrian Farrel | Tag Revised I-D Needed set. |
2021-11-26 | 07 | Adrian Farrel | ISE state changed to Response to Review Needed from In ISE Review |
2021-11-26 | 07 | Adrian Farrel | ISE state changed to In ISE Review from Submission Received |
2021-09-02 | 07 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-07.txt |
2021-09-02 | 07 | (System) | New version accepted (logged-in submitter: Tommy Pauly) |
2021-09-02 | 07 | Tommy Pauly | Uploaded new revision |
2021-05-01 | 06 | Adrian Farrel | Notification list changed to rfc-ise@rfc-editor.org because the document shepherd was set |
2021-05-01 | 06 | Adrian Farrel | Document shepherd changed to Adrian Farrel |
2021-05-01 | 06 | Adrian Farrel | Tag Polled for WG adoption but not adopted cleared. |
2021-05-01 | 06 | Adrian Farrel | ISE state changed to Submission Received |
2021-05-01 | 06 | Adrian Farrel | Some debate over whether this should be Experimental or Informational |
2021-05-01 | 06 | Adrian Farrel | Intended Status changed to Experimental from None |
2021-05-01 | 06 | Adrian Farrel | Moved from IETF Stream to Independent Submissions Stream on request of authors |
2021-05-01 | 06 | Adrian Farrel | Stream changed to ISE from IETF |
2021-04-01 | 06 | Brian Haberman | Tag Polled for WG adoption but not adopted set. |
2021-03-17 | 06 | Brian Haberman | IETF WG state changed to Call For Adoption By WG Issued |
2021-03-17 | 06 | Brian Haberman | Notification list changed to none |
2021-03-17 | 06 | Brian Haberman | Changed group to DNS PRIVate Exchange (DPRIVE) |
2021-03-17 | 06 | Brian Haberman | Changed stream to IETF |
2021-03-08 | 06 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-06.txt |
2021-03-08 | 06 | (System) | New version accepted (logged-in submitter: Tommy Pauly) |
2021-03-08 | 06 | Tommy Pauly | Uploaded new revision |
2021-02-26 | 05 | Tim Wicinski | Added to session: IETF-110: dprive Tue-1300 |
2021-02-21 | 05 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-05.txt |
2021-02-21 | 05 | (System) | New version accepted (logged-in submitter: Tommy Pauly) |
2021-02-21 | 05 | Tommy Pauly | Uploaded new revision |
2021-01-26 | 04 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-04.txt |
2021-01-26 | 04 | (System) | New version accepted (logged-in submitter: Tommy Pauly) |
2021-01-26 | 04 | Tommy Pauly | Uploaded new revision |
2020-12-02 | 03 | Christopher Wood | New version available: draft-pauly-dprive-oblivious-doh-03.txt |
2020-12-02 | 03 | (System) | New version accepted (logged-in submitter: Christopher Wood) |
2020-12-02 | 03 | Christopher Wood | Uploaded new revision |
2020-10-09 | 02 | Christopher Wood | New version available: draft-pauly-dprive-oblivious-doh-02.txt |
2020-10-09 | 02 | (System) | New version accepted (logged-in submitter: Christopher Wood) |
2020-10-09 | 02 | Christopher Wood | Uploaded new revision |
2020-05-04 | 01 | (System) | Document has expired |
2019-11-09 | 01 | Tim Wicinski | Added to session: IETF-106: dprive Fri-1000 |
2019-11-01 | 01 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-01.txt |
2019-11-01 | 01 | (System) | New version accepted (logged-in submitter: Tommy Pauly) |
2019-11-01 | 01 | Tommy Pauly | Uploaded new revision |
2019-10-04 | 00 | Tommy Pauly | New version available: draft-pauly-dprive-oblivious-doh-00.txt |
2019-10-04 | 00 | (System) | New version accepted (logged-in submitter: Tommy Pauly) |
2019-10-04 | 00 | Tommy Pauly | Uploaded new revision |