WG Action: Formed DNS PRIVate Exchange (dprive)
The IESG <iesg-secretary@ietf.org> Fri, 17 October 2014 15:29 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-announce/GckzHu08QzGZoG7dWTbtHIxIfD0

A new IETF working group has been formed in the Internet Area. For
additional information please contact the Area Directors or the WG
Chairs.

DNS PRIVate Exchange (dprive)
------------------------------------------------
Current Status: Proposed WG

Chairs:
  Tim Wicinski <tjw.ietf@gmail.com>
  Warren Kumari <warren@kumari.net>

Assigned Area Director:
  Brian Haberman <brian@innovationslab.net>

Mailing list
  Address: dns-privacy@ietf.org
  To Subscribe: https://www.ietf.org/mailman/listinfo/dns-privacy
  Archive: http://www.ietf.org/mail-archive/web/dns-privacy/

Charter:

The DNS PRIVate Exchange (DPRIVE) Working Group develops mechanisms to
provide confidentiality to DNS transactions, to address concerns
surrounding pervasive monitoring (RFC 7258).

The set of DNS requests that an individual makes can provide an
attacker with a large amount of information about that individual.
DPRIVE aims to deprive the attacker of this information. (The IETF
defines pervasive monitoring as an attack [RFC7258])

The primary focus of this Working Group is to develop mechanisms that
provide confidentiality between DNS Clients and Iterative Resolvers,
but it may also later consider mechanisms that provide confidentiality
between Iterative Resolvers and Authoritative Servers, or provide
end-to-end confidentiality of DNS transactions. Some of the results of
this working group may be experimental. The Working Group will also
develop an evaluation document to provide methods for measuring the
performance against pervasive monitoring; and how well the goal is met.
The Working Group will also develop a document providing example
assessments for common use cases.

DPRIVE is chartered to work on mechanisms that add confidentiality to
the DNS. While it may be tempting to solve other DNS issues while
adding confidentiality, DPRIVE is not the working group to do this.
DPRIVE will not work on any integrity-only mechanisms.

Examples of the sorts of risks that DPRIVE will address can be found
in [draft-bortzmeyer-dnsop-dns-privacy], and include both passive
wiretapping and more active attacks, such as MITM attacks. DPRIVE will
address risks to end-users' privacy (for example, which websites an
end user is accessing).

Some of the main design goals (in no particular order) are:

- Provide confidentiality to DNS transactions (for the querier).

- Maintain backwards compatibility with legacy DNS implementations.

- Require minimal application-level changes.

- Require minimal additional configuration or effort from applications
  or users

Milestones:
  Dec 2014 - WG LC on a problem statement document
  Mar 2015 - WG selects one or more primary protocol directions
  Jul 2015 - WG LC on primary protocol directions