< draft-ietf-add-dnr-06.txt   draft-ietf-add-dnr-07.txt >
ADD M. Boucadair, Ed. ADD M. Boucadair, Ed.
Internet-Draft Orange Internet-Draft Orange
Intended status: Standards Track T. Reddy, Ed. Intended status: Standards Track T. Reddy, Ed.
Expires: 23 September 2022 Akamai Expires: 15 October 2022 Akamai
D. Wing D. Wing
Citrix Citrix
N. Cook N. Cook
Open-Xchange Open-Xchange
T. Jensen T. Jensen
Microsoft Microsoft
22 March 2022 13 April 2022
DHCP and Router Advertisement Options for the Discovery of Network- DHCP and Router Advertisement Options for the Discovery of Network-
designated Resolvers (DNR) designated Resolvers (DNR)
draft-ietf-add-dnr-06 draft-ietf-add-dnr-07
Abstract Abstract
The document specifies new DHCP and IPv6 Router Advertisement options The document specifies new DHCP and IPv6 Router Advertisement options
to discover encrypted DNS servers (e.g., DNS-over-HTTPS, DNS-over- to discover encrypted DNS servers (e.g., DNS-over-HTTPS, DNS-over-
TLS, DNS-over-QUIC). In particular, it makes it possible to learn an TLS, DNS-over-QUIC). In particular, it makes it possible to learn an
authentication domain name together with a list of IP addresses and a authentication domain name together with a list of IP addresses and a
set of service parameters to reach such encrypted DNS servers. set of service parameters to reach such encrypted DNS servers.
Status of This Memo Status of This Memo
skipping to change at page 1, line 42 skipping to change at page 1, line 42
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 23 September 2022. This Internet-Draft will expire on 15 October 2022.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 2, line 20 skipping to change at page 2, line 20
extracted from this document must include Revised BSD License text as extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.1. Configuration Data for Encrypted DNS . . . . . . . . . . 4 3.1. Configuration Data for Encrypted DNS . . . . . . . . . . 4
3.2. Handling Configuration Data Conflicts . . . . . . . . . . 5 3.2. Handling Configuration Data Conflicts . . . . . . . . . . 6
3.3. Connection Establishment . . . . . . . . . . . . . . . . 5 3.3. Connection Establishment . . . . . . . . . . . . . . . . 6
3.4. Multihoming Considerations . . . . . . . . . . . . . . . 6 3.4. Multihoming Considerations . . . . . . . . . . . . . . . 7
4. DHCPv6 Encrypted DNS Option . . . . . . . . . . . . . . . . . 6 4. DHCPv6 Encrypted DNS Option . . . . . . . . . . . . . . . . . 7
4.1. Option Format . . . . . . . . . . . . . . . . . . . . . . 6 4.1. Option Format . . . . . . . . . . . . . . . . . . . . . . 7
4.2. DHCPv6 Client Behavior . . . . . . . . . . . . . . . . . 8 4.2. DHCPv6 Client Behavior . . . . . . . . . . . . . . . . . 9
5. DHCPv4 Encrypted DNS Option . . . . . . . . . . . . . . . . . 8 5. DHCPv4 Encrypted DNS Option . . . . . . . . . . . . . . . . . 9
5.1. Option Format . . . . . . . . . . . . . . . . . . . . . . 8 5.1. Option Format . . . . . . . . . . . . . . . . . . . . . . 9
5.2. DHCPv4 Client Behavior . . . . . . . . . . . . . . . . . 10 5.2. DHCPv4 Client Behavior . . . . . . . . . . . . . . . . . 11
6. IPv6 RA Encrypted DNS Option . . . . . . . . . . . . . . . . 10 6. IPv6 RA Encrypted DNS Option . . . . . . . . . . . . . . . . 12
6.1. Option Format . . . . . . . . . . . . . . . . . . . . . . 10 6.1. Option Format . . . . . . . . . . . . . . . . . . . . . . 12
6.2. IPv6 Host Behavior . . . . . . . . . . . . . . . . . . . 12 6.2. IPv6 Host Behavior . . . . . . . . . . . . . . . . . . . 14
7. Security Considerations . . . . . . . . . . . . . . . . . . . 12 7. Security Considerations . . . . . . . . . . . . . . . . . . . 14
7.1. Spoofing Attacks . . . . . . . . . . . . . . . . . . . . 13 7.1. Spoofing Attacks . . . . . . . . . . . . . . . . . . . . 14
7.2. Deletion Attacks . . . . . . . . . . . . . . . . . . . . 14 7.2. Deletion Attacks . . . . . . . . . . . . . . . . . . . . 15
7.3. Passive Attacks . . . . . . . . . . . . . . . . . . . . . 14 7.3. Passive Attacks . . . . . . . . . . . . . . . . . . . . . 15
7.4. Wireless Security - Authentication Attacks . . . . . . . 14 7.4. Wireless Security - Authentication Attacks . . . . . . . 15
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
8.1. DHCPv6 Option . . . . . . . . . . . . . . . . . . . . . . 15 8.1. DHCPv6 Option . . . . . . . . . . . . . . . . . . . . . . 16
8.2. DHCPv4 Option . . . . . . . . . . . . . . . . . . . . . . 15 8.2. DHCPv4 Option . . . . . . . . . . . . . . . . . . . . . . 16
8.3. Neighbor Discovery Option . . . . . . . . . . . . . . . . 15 8.3. Neighbor Discovery Option . . . . . . . . . . . . . . . . 17
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 17
10. Contributing Authors . . . . . . . . . . . . . . . . . . . . 16 10. Contributing Authors . . . . . . . . . . . . . . . . . . . . 17
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 18
11.1. Normative References . . . . . . . . . . . . . . . . . . 16 11.1. Normative References . . . . . . . . . . . . . . . . . . 18
11.2. Informative References . . . . . . . . . . . . . . . . . 17 11.2. Informative References . . . . . . . . . . . . . . . . . 18
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction 1. Introduction
This document focuses on the support of encrypted DNS such as DNS- This document focuses on the support of encrypted DNS such as DNS-
over-HTTPS (DoH) [RFC8484], DNS-over-TLS (DoT) [RFC7858], or DNS- over-HTTPS (DoH) [RFC8484], DNS-over-TLS (DoT) [RFC7858], or DNS-
over-QUIC (DoQ) [I-D.ietf-dprive-dnsoquic] in local networks. over-QUIC (DoQ) [I-D.ietf-dprive-dnsoquic] in local networks.
In particular, the document specifies how a local encrypted DNS In particular, the document specifies how a local encrypted DNS
server can be discovered by connected hosts by means of DHCPv4 server can be discovered by connected hosts by means of DHCPv4
[RFC2132], DHCPv6 [RFC8415], and IPv6 Router Advertisement (RA) [RFC2132], DHCPv6 [RFC8415], and IPv6 Router Advertisement (RA)
[RFC4861] options. These options are designed to convey the [RFC4861] options. These options are designed to convey the
following information: the DNS Authentication Domain Name (ADN), a following information: the DNS Authentication Domain Name (ADN), a
list of IP addresses, and a set of service parameters. list of IP addresses, and a set of service parameters. This
procedure is called Discovery of Network-designated Resolvers (DNR).
The options defined in this document can be deployed in a variety of The options defined in this document can be deployed in a variety of
deployments (e.g., local networks with Customer Premises Equipment deployments (e.g., local networks with Customer Premises Equipment
(CPEs) that may or may not be managed by an Internet Service Provider (CPEs) that may or may not be managed by an Internet Service Provider
(ISP), local networks with or without DNS forwarders). It is out of (ISP), local networks with or without DNS forwarders). It is out of
the scope of this document to provide an inventory of such the scope of this document to provide an inventory of such
deployments. deployments.
2. Terminology 2. Terminology
skipping to change at page 3, line 32 skipping to change at page 3, line 33
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
This document makes use of the terms defined in [RFC8499]. The This document makes use of the terms defined in [RFC8499]. The
following additional terms are used: following additional terms are used:
Do53: refers to unencrypted DNS. Do53: refers to unencrypted DNS.
DNR: refers to the Discovery of Network-designated Resolvers
procedure.
Encrypted DNS: refers to a scheme where DNS exchanges are Encrypted DNS: refers to a scheme where DNS exchanges are
transported over an encrypted channel. Examples of encrypted DNS transported over an encrypted channel. Examples of encrypted DNS
are DoT, DoH, or DoQ. are DoT, DoH, or DoQ.
Encrypted DNS options: refers to the options defined in Sections 4, Encrypted DNS options: refers to the options defined in Sections 4,
5, and 6. 5, and 6.
DHCP: refers to both DHCPv4 and DHCPv6. DHCP: refers to both DHCPv4 and DHCPv6.
3. Overview 3. Overview
skipping to change at page 5, line 10 skipping to change at page 5, line 18
Because distinct encrypted DNS protocols may be provisioned by a Because distinct encrypted DNS protocols may be provisioned by a
network (e.g., DoT, DoH, and DoQ) and some of these protocols network (e.g., DoT, DoH, and DoQ) and some of these protocols
may make use of customized port numbers instead of default ones, the may make use of customized port numbers instead of default ones, the
Encrypted DNS options are designed to return a set of service Encrypted DNS options are designed to return a set of service
parameters. These parameters are encoded following the same rules parameters. These parameters are encoded following the same rules
for encoding SvcParams in Section 2.1 of [I-D.ietf-dnsop-svcb-https]. for encoding SvcParams in Section 2.1 of [I-D.ietf-dnsop-svcb-https].
This encoding approach may increase the size of the options but it This encoding approach may increase the size of the options but it
has the merit to rely upon an existing IANA registry and, thus, to has the merit to rely upon an existing IANA registry and, thus, to
accommodate new encrypted DNS protocols and service parameters that accommodate new encrypted DNS protocols and service parameters that
may be defined in the future. For example, "dohpath" service may be defined in the future. At least the following service
parameter (Section 5.1 of [I-D.ietf-add-svcb-dns]) supplies a parameters are RECOMMENDED to be supported by a DNR implementation:
relative DoH URI Template.
alpn: Used to indicate the set of supported protocols (Section 7.1
of [I-D.ietf-dnsop-svcb-https]).
port: Used to indicate the target port number for the encrypted DNS
connection (Section 7.2 of [I-D.ietf-dnsop-svcb-https]).
ech: Used to enable Encrypted ClientHello (ECH) (Section 7.3 of
[I-D.ietf-dnsop-svcb-https]).
dohpath: Used to supply a relative DoH URI Template (Section 5.1 of
[I-D.ietf-add-svcb-dns]).
A single option is used to convey both the ADN and IP addresses A single option is used to convey both the ADN and IP addresses
because otherwise a means to correlate an IP address with an ADN would because otherwise a means to correlate an IP address with an ADN would
be required if, for example, more than one ADN is supported by the be required if, for example, more than one ADN is supported by the
network. network.
The DHCP options defined in Sections 4 and 5 follow the option The DHCP options defined in Sections 4 and 5 follow the option
ordering guidelines in Section 17 of [RFC7227]. ordering guidelines in Section 17 of [RFC7227]. Likewise, the RA
option (Section 6) adheres to the recommendations in Section 9 of
[RFC4861].
AliasMode (Section 2.4.2 of [I-D.ietf-dnsop-svcb-https]) is not ServiceMode (Section 2.4.3 of [I-D.ietf-dnsop-svcb-https]) SHOULD be
supported because such a mode will trigger additional Do53 queries used because the Encrypted DNS options are self-contained and do not
while the data can be supplied directly by DHCP servers. The reader require any additional DNS queries. The reader may refer to
may refer to [RFC7969] for an overview of advanced capabilities that [RFC7969] for an overview of advanced capabilities that are supported
are supported by DHCP servers to populate configuration data (e.g., by DHCP servers to populate configuration data (e.g., issue DNS
issue DNS queries). queries).
In contexts where putting additional complexity on requesting hosts
is acceptable, returning an ADN only can be considered. The supplied
ADN will be processed by a host following the procedure in Section 5
of [I-D.ietf-add-ddr]. Note that this mode may be subject to active
attacks, which can be mitigated by DNSSEC.
Other mechanisms may be considered in other contexts (e.g., secure
discovery) for the provisioning of encrypted DNS servers. It is
RECOMMENDED that at least the following DNR information is made
available to a requesting host:
* A service priority whenever the discovery mechanism does not rely
on implicit ordering if multiple instances of the encrypted DNS
are used.
* An authentication domain name.
* A list of IP addresses to locate the encrypted DNS server.
* A set of service parameters.
3.2. Handling Configuration Data Conflicts 3.2. Handling Configuration Data Conflicts
If the encrypted DNS is discovered by a host using both RA and DHCP, If the encrypted DNS is discovered by a host using both RA and DHCP,
the rules discussed in Section 5.3.1 of [RFC8106] MUST be followed. the rules discussed in Section 5.3.1 of [RFC8106] MUST be followed.
DHCP/RA options to discover encrypted DNS servers (including, DoH URI DHCP/RA options to discover encrypted DNS servers (including, DoH URI
Templates) take precedence over DDR [I-D.ietf-add-ddr] since DDR Templates) take precedence over Discovery of Designated Resolvers
uses Do53 to an external DNS resolver, which is susceptible to both (DDR) [I-D.ietf-add-ddr] since DDR uses Do53 to an external DNS
internal and external attacks whereas DHCP/RA is typically protected resolver, which is susceptible to both internal and external attacks
using the mechanisms discussed in Section 7.1. whereas DHCP/RA is typically protected using the mechanisms discussed
in Section 7.1.
3.3. Connection Establishment 3.3. Connection Establishment
If the local DNS client supports one of the discovered Encrypted DNS If the local DNS client supports one of the discovered Encrypted DNS
protocols identified by Application Layer Protocol Negotiation (ALPN) protocols identified by Application Layer Protocol Negotiation (ALPN)
protocol identifiers, the DNS client establishes an encrypted DNS protocol identifiers, the DNS client establishes an encrypted DNS
session following the order of the discovered servers. The client session following the order of the discovered servers. The client
follows the mechanism discussed in Section 8 of [RFC8310] to follows the mechanism discussed in Section 8 of [RFC8310] to
authenticate the DNS server certificate using the authentication authenticate the DNS server certificate using the authentication
domain name conveyed in the Encrypted DNS options. ALPN-related domain name conveyed in the Encrypted DNS options. ALPN-related
skipping to change at page 6, line 24 skipping to change at page 7, line 24
4. DHCPv6 Encrypted DNS Option 4. DHCPv6 Encrypted DNS Option
4.1. Option Format 4.1. Option Format
The format of the DHCPv6 Encrypted DNS option is shown in Figure 1. The format of the DHCPv6 Encrypted DNS option is shown in Figure 1.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| OPTION_V6_DNR | Option-length | | OPTION_V6_DNR | Option-length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Service Priority | Addr Length | | Service Priority | ADN Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ ipv6-address(es) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ADN Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +
~ authentication-domain-name ~ ~ authentication-domain-name ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Addr Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
~ ipv6-address(es) ~
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
~ Service Parameters (SvcParams) ~ ~ Service Parameters (SvcParams) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: DHCPv6 Encrypted DNS Option Figure 1: DHCPv6 Encrypted DNS Option
The fields of the option shown in Figure 1 are as follows: The fields of the option shown in Figure 1 are as follows:
Option-code: OPTION_V6_DNR (TBA1, see Section 8.1) Option-code: OPTION_V6_DNR (TBA1, see Section 8.1)
Option-length: Length of the enclosed data in octets. Option-length: Length of the enclosed data in octets. The option
length is ('ADN Length' + 4) when only an ADN is included in the
option.
Service Priority: The priority of this OPTION_V6_DNR instance Service Priority: The priority of this OPTION_V6_DNR instance
compared to other instances. This field is encoded following the compared to other instances. This field is encoded following the
rules specified in Section 2.4.1 of [I-D.ietf-dnsop-svcb-https]. rules specified in Section 2.4.1 of [I-D.ietf-dnsop-svcb-https].
AliasMode (Section 2.4.2 of [I-D.ietf-dnsop-svcb-https]) is not
supported. As such, this field MUST NOT be set to 0.
Addr Length: Length of enclosed IPv6 addresses in octets. It MUST
be a multiple of 16.
ipv6-address(es) (variable length): Indicates one or more IPv6
addresses to reach the encrypted DNS server. An address can be
link-local, ULA, or GUA. The format of this field is shown in
Figure 2.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| ipv6-address |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Format of the IPv6 Addresses Field
ADN Length: Length of the authentication-domain-name field in ADN Length: Length of the authentication-domain-name field in
octets. octets.
authentication-domain-name (variable length): A fully qualified authentication-domain-name (variable length): A fully qualified
domain name of the encrypted DNS server. This field is formatted domain name of the encrypted DNS server. This field is formatted
as specified in Section 10 of [RFC8415]. as specified in Section 10 of [RFC8415].
An example of the authentication-domain-name encoding is shown in An example of the authentication-domain-name encoding is shown in
Figure 3. This example conveys the FQDN "doh1.example.com.", and Figure 2. This example conveys the FQDN "doh1.example.com.", and
the resulting Option-length field is 18. the resulting Option-length field is 18.
+------+------+------+------+------+------+------+------+------+ +------+------+------+------+------+------+------+------+------+
| 0x04 | d | o | h | 1 | 0x07 | e | x | a | | 0x04 | d | o | h | 1 | 0x07 | e | x | a |
+------+------+------+------+------+------+------+------+------+ +------+------+------+------+------+------+------+------+------+
| m | p | l | e | 0x03 | c | o | m | 0x00 | | m | p | l | e | 0x03 | c | o | m | 0x00 |
+------+------+------+------+------+------+------+------+------+ +------+------+------+------+------+------+------+------+------+
Figure 3: An Example of the DNS authentication-domain-name Figure 2: An Example of the DNS authentication-domain-name
Encoding Encoding
Addr Length: Length of enclosed IPv6 addresses in octets. It MUST
be a multiple of 16 for ServiceMode.
ipv6-address(es) (variable length): Indicates one or more IPv6
addresses to reach the encrypted DNS server. An address can be
link-local, ULA, or GUA. The format of this field is shown in
Figure 3.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| ipv6-address |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Format of the IPv6 Addresses Field
Service Parameters (SvcParams) (variable length): Specifies a set of Service Parameters (SvcParams) (variable length): Specifies a set of
service parameters that are encoded following the rules in service parameters that are encoded following the rules in
Section 2.1 of [I-D.ietf-dnsop-svcb-https]. Service parameters Section 2.1 of [I-D.ietf-dnsop-svcb-https]. Service parameters
may include, for example, a list of ALPN protocol identifiers or may include, for example, a list of ALPN protocol identifiers or
alternate port numbers. The service parameters MUST NOT include alternate port numbers. The service parameters MUST NOT include
"ipv4hint" or "ipv6hint" SvcParams as they are superseded by the "ipv4hint" or "ipv6hint" SvcParams as they are superseded by the
included IP addresses. included IP addresses.
If no port service parameter is included, this indicates that If no port service parameter is included, this indicates that
default port numbers should be used. As a reminder, the default default port numbers should be used. As a reminder, the default
skipping to change at page 8, line 14 skipping to change at page 9, line 18
The length of this field is ('Option-length' - 6 - 'ADN Length' - The length of this field is ('Option-length' - 6 - 'ADN Length' -
'Addr Length'). 'Addr Length').
4.2. DHCPv6 Client Behavior 4.2. DHCPv6 Client Behavior
To discover an encrypted DNS server, the DHCPv6 client MUST include To discover an encrypted DNS server, the DHCPv6 client MUST include
OPTION_V6_DNR in an Option Request Option (ORO), as in Sections OPTION_V6_DNR in an Option Request Option (ORO), as in Sections
18.2.1, 18.2.2, 18.2.4, 18.2.5, 18.2.6, and 21.7 of [RFC8415]. 18.2.1, 18.2.2, 18.2.4, 18.2.5, 18.2.6, and 21.7 of [RFC8415].
The DHCP client MUST be prepared to receive multiple instances of the The DHCPv6 client MUST be prepared to receive multiple instances of
OPTION_V6_DNR option; each option is to be treated as a separate the OPTION_V6_DNR option; each option is to be treated as a separate
encrypted DNS server. These instances SHOULD be processed following encrypted DNS server. These instances SHOULD be processed following
their service priority (i.e., smaller service priority indicates a their service priority (i.e., smaller service priority indicates a
higher preference). higher preference).
The DHCPv6 client MUST silently discard multicast and host loopback The DHCPv6 client MUST silently discard multicast and host loopback
addresses conveyed in OPTION_V6_DNR. addresses conveyed in OPTION_V6_DNR.
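The -07 option layout of Figure 1 and the client rules of Sections 4.1 and 4.2, as an added Python example that is not part of the draft: it builds OPTION_V6_DNR option-data (so its length is the Option-length), encodes SvcParams per Section 2.1 of the SVCB draft, and parses the result back with the length and address checks the text requires. The SvcParamKey numbers (alpn=1, port=3, ipv4hint=4, ech=5, ipv6hint=6, dohpath=7) are the SVCB registry values; the FQDN is the draft's "doh1.example.com.", while the addresses and parameter values are constructed sample input.

```python
"""Encode and parse OPTION_V6_DNR option-data in the draft-07 layout (Figure 1)."""
import ipaddress
import struct
# SvcParamKey numbers from the SVCB registry: the recommended keys plus the two forbidden hints.
SVCPARAM_KEYS = {"alpn": 1, "port": 3, "ipv4hint": 4, "ech": 5, "ipv6hint": 6, "dohpath": 7}
SVCPARAM_NAMES = {v: k for k, v in SVCPARAM_KEYS.items()}

def encode_adn(fqdn):
    """FQDN -> length-prefixed labels ending in the root label (RFC 8415, Section 10)."""
    out = bytearray()
    for label in fqdn.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("label length must be 1..63 octets")
        out += bytes([len(raw)]) + raw
    return bytes(out) + b"\x00"

def decode_adn(wire):
    """Inverse of encode_adn; returns the FQDN with its trailing dot."""
    labels, pos = [], 0
    while wire[pos] != 0:
        n = wire[pos]
        labels.append(wire[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    if pos + 1 != len(wire):
        raise ValueError("ADN Length does not match the encoded name")
    return ".".join(labels) + "."

def encode_svcparams(params):
    """SvcParams per SVCB Section 2.1: key(2) length(2) value, keys strictly ascending."""
    if "ipv4hint" in params or "ipv6hint" in params:
        raise ValueError("ipv4hint/ipv6hint MUST NOT be included in the option")
    out = bytearray()
    for name in sorted(params, key=SVCPARAM_KEYS.__getitem__):
        value = params[name]
        if name == "alpn":        # each ALPN id is 1-octet length prefixed
            body = b"".join(bytes([len(a)]) + a.encode("ascii") for a in value)
        elif name == "port":      # 16-bit target port
            body = struct.pack("!H", value)
        elif name == "dohpath":   # UTF-8 relative DoH URI Template
            body = value.encode("utf-8")
        else:                     # ech: caller supplies the raw ECHConfigList octets
            body = bytes(value)
        out += struct.pack("!HH", SVCPARAM_KEYS[name], len(body)) + body
    return bytes(out)

def decode_svcparams(wire):
    """Inverse of encode_svcparams; rejects misordered keys and the forbidden hints."""
    params, pos, last = {}, 0, -1
    while pos < len(wire):
        key, length = struct.unpack_from("!HH", wire, pos)
        body = wire[pos + 4:pos + 4 + length]
        pos += 4 + length
        if key <= last:
            raise ValueError("SvcParamKeys MUST be in strictly increasing order")
        last = key
        name = SVCPARAM_NAMES.get(key, key)
        if name in ("ipv4hint", "ipv6hint"):
            raise ValueError("ipv4hint/ipv6hint MUST NOT be included in the option")
        if name == "alpn":
            params[name], i = [], 0
            while i < len(body):
                params[name].append(body[i + 1:i + 1 + body[i]].decode("ascii"))
                i += 1 + body[i]
        elif name == "port":
            params[name] = struct.unpack("!H", body)[0]
        elif name == "dohpath":
            params[name] = body.decode("utf-8")
        else:
            params[name] = bytes(body)
    return params

def build_v6_dnr(priority, adn, addrs=(), svcparams=None):
    """Return the option-data of OPTION_V6_DNR; its len() is the Option-length."""
    adn_wire = encode_adn(adn)
    data = struct.pack("!HH", priority, len(adn_wire)) + adn_wire
    if not addrs and not svcparams:
        return data  # ADN-only form: Option-length == 'ADN Length' + 4
    addr_wire = b"".join(ipaddress.IPv6Address(a).packed for a in addrs)
    return data + struct.pack("!H", len(addr_wire)) + addr_wire + encode_svcparams(svcparams or {})

def parse_v6_dnr(data):
    """Client-side parse applying the Section 4.1 length rules and 4.2 address checks."""
    priority, adn_len = struct.unpack_from("!HH", data, 0)
    adn = decode_adn(data[4:4 + adn_len])
    pos = 4 + adn_len
    if pos == len(data):  # ADN-only form carries no Addr Length field
        return {"priority": priority, "adn": adn, "addrs": [], "svcparams": {}}
    addr_len = struct.unpack_from("!H", data, pos)[0]
    addr_start, svc_start = pos + 2, pos + 2 + addr_len
    if addr_len % 16:
        raise ValueError("Addr Length MUST be a multiple of 16")
    seen = [ipaddress.IPv6Address(data[o:o + 16]) for o in range(addr_start, svc_start, 16)]
    addrs = [str(a) for a in seen if not (a.is_multicast or a.is_loopback)]  # 4.2: discard
    svc_len = len(data) - 6 - adn_len - addr_len  # SvcParams length formula of Section 4.1
    svcparams = decode_svcparams(data[svc_start:svc_start + svc_len])
    return {"priority": priority, "adn": adn, "addrs": addrs, "svcparams": svcparams}
```

The DHCPv4 option of Section 5 carries the same fields in the same order with 1-octet Length, ADN Length and Addr Length fields (ADN-only Length is 'ADN Length' + 3), so the ADN and SvcParams helpers apply unchanged.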
5. DHCPv4 Encrypted DNS Option 5. DHCPv4 Encrypted DNS Option
5.1. Option Format 5.1. Option Format
The format of the DHCPv4 Encrypted DNS option is illustrated in The format of the DHCPv4 Encrypted DNS option is illustrated in
Figure 4. Figure 4.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TBA2 | Length | | TBA2 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Service Priority | | Service Priority |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Addr Length | |
+-+-+-+-+-+-+-+-+ +
~ IPv4 Address(es) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ADN Length | | | ADN Length | |
+-+-+-+-+-+-+-+-+ + +-+-+-+-+-+-+-+-+ |
~ authentication-domain-name ~ ~ authentication-domain-name ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Addr Length | |
+-+-+-+-+-+-+-+-+ |
~ IPv4 Address(es) ~
| +-+-+-+-+-+-+-+-+
| | |
+-+-+-+-+-+-+-+-+ |
~Service Parameters (SvcParams) ~ ~Service Parameters (SvcParams) ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: DHCPv4 Encrypted DNS Option Figure 4: DHCPv4 Encrypted DNS Option
The fields of the option shown in Figure 4 are as follows: The fields of the option shown in Figure 4 are as follows:
Code: OPTION_V4_DNR (TBA2, see Section 8.2). Code: OPTION_V4_DNR (TBA2, see Section 8.2).
Length: Indicates the length of the enclosed data in octets. Length: Indicates the length of the enclosed data in octets. The
option length is ('ADN Length' + 3) when only an ADN is included
in the option.
Service Priority: The priority of this OPTION_V4_DNR instance Service Priority: The priority of this OPTION_V4_DNR instance
compared to other instances. This field is encoded following the compared to other instances. This field is encoded following the
rules specified in Section 2.4.1 of [I-D.ietf-dnsop-svcb-https]. rules specified in Section 2.4.1 of [I-D.ietf-dnsop-svcb-https].
It MUST NOT be set to 0.
Addr Length: Indicates the length of included IPv4 addresses in
octets. It MUST be a multiple of 4.
IPv4 Address(es) (variable length): Indicates one or more IPv4
addresses to reach the encrypted DNS server. Both private and
public IPv4 addresses can be included in this field. The format
of this field is shown in Figure 5. This format assumes that an
IPv4 address is encoded as a1.a2.a3.a4.
0 8 16 24 32 40 48
+-----+-----+-----+-----+-----+-----+--
| a1 | a2 | a3 | a4 | a1 | a2 | ...
+-----+-----+-----+-----+-----+-----+--
IPv4 Address 1 IPv4 Address 2 ...
Figure 5: Format of the IPv4 Addresses Field
ADN Length: Indicates the length of the authentication-domain-name ADN Length: Indicates the length of the authentication-domain-name
in octets. in octets.
authentication-domain-name (variable length): Includes the authentication-domain-name (variable length): Includes the
authentication domain name of the encrypted DNS server. This authentication domain name of the encrypted DNS server. This
field is formatted as specified in Section 10 of [RFC8415]. The field is formatted as specified in Section 10 of [RFC8415]. The
format of this field is shown in Figure 6. The values s1, s2, s3, format of this field is shown in Figure 5. The values s1, s2, s3,
etc. represent the domain name labels in the domain name encoding. etc. represent the domain name labels in the domain name encoding.
+-----+-----+-----+-----+-----+-- +-----+-----+-----+-----+-----+--
| s1 | s2 | s3 | s4 | s5 | ... | s1 | s2 | s3 | s4 | s5 | ...
+-----+-----+-----+-----+-----+-- +-----+-----+-----+-----+-----+--
authentication-domain-name authentication-domain-name
Figure 6: Format of the Authentication Domain Name Field Figure 5: Format of the Authentication Domain Name Field
Addr Length: Indicates the length of included IPv4 addresses in
octets. It MUST be a multiple of 4 for ServiceMode.
IPv4 Address(es) (variable length): Indicates one or more IPv4
addresses to reach the encrypted DNS server. Both private and
public IPv4 addresses can be included in this field. The format
of this field is shown in Figure 6. This format assumes that an
IPv4 address is encoded as a1.a2.a3.a4.
0 8 16 24 32 40 48
+-----+-----+-----+-----+-----+-----+--
| a1 | a2 | a3 | a4 | a1 | a2 | ...
+-----+-----+-----+-----+-----+-----+--
IPv4 Address 1 IPv4 Address 2 ...
Figure 6: Format of the IPv4 Addresses Field
Service Parameters (SvcParams) (variable length): Specifies a set of Service Parameters (SvcParams) (variable length): Specifies a set of
service parameters that are encoded following the rules in service parameters that are encoded following the rules in
Section 2.1 of [I-D.ietf-dnsop-svcb-https]. Service parameters Section 2.1 of [I-D.ietf-dnsop-svcb-https]. Service parameters
may include, for example, a list of ALPN protocol identifiers or may include, for example, a list of ALPN protocol identifiers or
alternate port numbers. The service parameters MUST NOT include alternate port numbers. The service parameters MUST NOT include
"ipv4hint" or "ipv6hint" SvcParams as they are superseded by the "ipv4hint" or "ipv6hint" SvcParams as they are superseded by the
included IP addresses. included IP addresses.
If no port service parameter is included, this indicates that If no port service parameter is included, this indicates that
skipping to change at page 11, line 8 skipping to change at page 12, line 22
This section defines a new Neighbor Discovery option [RFC4861]: IPv6 This section defines a new Neighbor Discovery option [RFC4861]: IPv6
RA Encrypted DNS option. This option is useful in contexts similar RA Encrypted DNS option. This option is useful in contexts similar
to those discussed in Section 1.1 of [RFC8106]. to those discussed in Section 1.1 of [RFC8106].
The format of the IPv6 RA Encrypted DNS option is illustrated in The format of the IPv6 RA Encrypted DNS option is illustrated in
Figure 7. Figure 7.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TBA3 | Length | Addr Length | | TBA3 | Length | Service Priority |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Lifetime | | Lifetime |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ ipv6-address(es) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ADN Length | | | ADN Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
~ authentication-domain-name ~ ~ authentication-domain-name ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SvcParams Length | | | Addr Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
~ ipv6-address(es) ~
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | SvcParams Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ Service Parameters (SvcParams) ~ ~ Service Parameters (SvcParams) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 7: RA Encrypted DNS Option Figure 7: RA Encrypted DNS Option
The fields of the option shown in Figure 7 are as follows: The fields of the option shown in Figure 7 are as follows:
Type: 8-bit identifier of the Encrypted DNS Option as assigned by Type: 8-bit identifier of the Encrypted DNS option as assigned by
IANA (TBA3, see Section 8.3). IANA (TBA3, see Section 8.3).
Length: 8-bit unsigned integer. The length of the option (including Length: 8-bit unsigned integer. The length of the option (including
the Type and Length fields) is in units of 8 octets. the Type and Length fields) is in units of 8 octets.
Addr Length: 16-bit unsigned integer. This field indicates the Service Priority: The priority of this Encrypted DNS option instance
length of enclosed IPv6 addresses in octets. It MUST be a compared to other instances. This field is encoded following the
multiple of 16. rules specified in Section 2.4.1 of [I-D.ietf-dnsop-svcb-https].
Lifetime: 32-bit unsigned integer. The maximum time in seconds Lifetime: 32-bit unsigned integer. The maximum time in seconds
(relative to the time the packet is received) over which the (relative to the time the packet is received) over which the
discovered Authentication Domain Name is valid. discovered Authentication Domain Name is valid.
The value of Lifetime SHOULD by default be at least 3 * The value of Lifetime SHOULD by default be at least 3 *
MaxRtrAdvInterval, where MaxRtrAdvInterval is the maximum RA MaxRtrAdvInterval, where MaxRtrAdvInterval is the maximum RA
interval as defined in [RFC4861]. interval as defined in [RFC4861].
A value of all one bits (0xffffffff) represents infinity. A value of all one bits (0xffffffff) represents infinity.
A value of zero means that this Authentication Domain Name MUST no A value of zero means that this Authentication Domain Name MUST no
longer be used. longer be used.
ADN Length: 16-bit unsigned integer. This field indicates the
length of the authentication-domain-name field in octets.
authentication-domain-name (variable length): The domain name of the
encrypted DNS server. This field is formatted as specified in
Section 10 of [RFC8415].
Addr Length: 16-bit unsigned integer. This field indicates the
length of enclosed IPv6 addresses in octets. It MUST be a
multiple of 16 for ServiceMode.
ipv6-address(es) (variable length): One or more IPv6 addresses of ipv6-address(es) (variable length): One or more IPv6 addresses of
the encrypted DNS server. An address can be link-local, ULA, or the encrypted DNS server. An address can be link-local, ULA, or
GUA. GUA.
All of the addresses share the same Lifetime value. Similar to All of the addresses share the same Lifetime value. Similar to
[RFC8106], if it is desirable to have different Lifetime values [RFC8106], if it is desirable to have different Lifetime values
per IP address, multiple Encrypted DNS options may be used. per IP address, multiple Encrypted DNS options may be used.
The format of this field is shown in Figure 2. The format of this field is shown in Figure 3.
ADN Length: 16-bit unsigned integer. This field indicates the
length of the authentication-domain-name field in octets.
authentication-domain-name (variable length): The domain name of the
encrypted DNS server. This field is formatted as specified in
Section 10 of [RFC8415].
SvcParams Length: 16-bit unsigned integer. This field indicates the SvcParams Length: 16-bit unsigned integer. This field indicates the
length of the Service Parameters field in octets. length of the Service Parameters field in octets.
Service Paramters (SvcParams) (variable length): Specifies a set of Service Paramters (SvcParams) (variable length): Specifies a set of
service parameters that are encoded following the rules in service parameters that are encoded following the rules in
Section 2.1 of [I-D.ietf-dnsop-svcb-https]. Service parameters Section 2.1 of [I-D.ietf-dnsop-svcb-https]. Service parameters
may include, for example, a list of ALPN protocol identifiers or may include, for example, a list of ALPN protocol identifiers or
alternate port numbers. The service parameters MUST NOT include alternate port numbers. The service parameters MUST NOT include
"ipv4hint" or "ipv6hint" SvcParams as they are superseded by the "ipv4hint" or "ipv6hint" SvcParams as they are superseded by the
included IP addresses. included IP addresses.
If no port service parameter is included, this indicates that If no port service parameter is included, this indicates that
default port numbers should be used. default port numbers should be used.
The option MUST be padded with zeros so that the full enclosed data The option MUST be padded with zeros so that the full enclosed data
is a multiple of 8 octets (Section 4.6 of [RFC4861]). is a multiple of 8 octets (Section 4.6 of [RFC4861]).
Multiple Encrypted DNS options may be returned to an IPv6 host.
Similar to [RFC8106], these options are ordered in the preference for
use by the IPv6 host.
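Review bot: Section 6.1 states no rule tying the three inner length fields to the option's Length field, yet the new 6.2 text relies on "the formatting requirements in Section 6.1" in place of the RFC 8106 length validation. With Type (1 octet), Length (1), Service Priority (2) and Lifetime (4) followed by three 16-bit length fields, the fixed part of the option is 14 octets, so a host has to verify that 14 + ADN Length + Addr Length + SvcParams Length does not exceed Length * 8 (the rest being the zero padding required by the last paragraph) before it parses any variable-length field; suggest adding this as a MUST in 6.1, for example: "A host MUST ignore the option if 14 + ADN Length + Addr Length + SvcParams Length exceeds Length * 8." Two further gaps in the new Service Priority and Addr Length text: Section 2.4.1 of [I-D.ietf-dnsop-svcb-https] gives priority 0 the special AliasMode meaning, and "It MUST be a multiple of 16 for ServiceMode" implies that AliasMode instances can occur, but neither field description says what a host does with an AliasMode instance (whether Addr Length and SvcParams Length MUST then be 0, and whether the ADN is to be resolved via SVCB), nor whether a ServiceMode Addr Length that is not a multiple of 16 causes the whole option to be ignored rather than only the address list.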
6.2. IPv6 Host Behavior 6.2. IPv6 Host Behavior
The procedure for DNS configuration is the same as it is with any The procedure for DNS configuration is the same as it is with any
other Neighbor Discovery option [RFC4861]. In addition, the host other Neighbor Discovery option [RFC4861]. In addition, the host
follows the procedure described in Section 5.3.1 of [RFC8106]. follows the procedure described in Section 5.3.1 of [RFC8106] with
the formatting requirements in Section 6.1 substituted for the length
validation.
The host MUST be prepared to receive multiple Encrypted DNS options
in RAs. These instances SHOULD be processed following their service
priority (i.e., smaller service priority indicates a higher
preference).
The host MUST silently discard multicast and host loopback addresses The host MUST silently discard multicast and host loopback addresses
conveyed in the Encrypted DNS options. conveyed in the Encrypted DNS options.
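Review bot: The new sentence "These instances SHOULD be processed following their service priority" does not say how a host orders instances that carry the same Service Priority, and the -06 sentence about options being "ordered in the preference for use" has been dropped without saying whether position in the RA still breaks such ties; suggest stating that Service Priority is the sole ordering key and that equal-priority instances are equivalent and may be tried in any order. Since Section 7.1 already notes that RA content can be spoofed or modified on the LAN, the Security Considerations should also state that Service Priority is attacker-controlled like every other field of the option, so a host MUST NOT treat a low value as a signal of trust; the mitigations referenced in 7.1 apply unchanged. Lastly, the discard rule in the final paragraph names only multicast and host loopback addresses; the unspecified address (::) and IPv4-mapped addresses (::ffff:0:0/96) are equally unusable as encrypted DNS server addresses and could be listed alongside them.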
7. Security Considerations 7. Security Considerations
7.1. Spoofing Attacks 7.1. Spoofing Attacks
DHCP/RA messages are not encrypted or protected against modification DHCP/RA messages are not encrypted or protected against modification
within the LAN. Unless mitigated (described below), the content of within the LAN. Unless mitigated (described below), the content of
DHCP and RA messages can be spoofed or modified by active attackers, DHCP and RA messages can be spoofed or modified by active attackers,
such as compromised devices within the local network. An active such as compromised devices within the local network. An active
attacker (Section 3.3 of [RFC3552]) can spoof the DHCP/RA response to attacker (Section 3.3 of [RFC3552]) can spoof the DHCP/RA response to
provide the attacker's Encrypted DNS server. Note that such an provide the attacker's Encrypted DNS server. Note that such an
attacker can launch other attacks as discussed in Section 22 of attacker can launch other attacks as discussed in Section 22 of
[RFC8415]. The attacker can get a domain name with a domain- [RFC8415]. The attacker can get a domain name with a domain-
skipping to change at page 16, line 8 skipping to change at page 17, line 28
Table 2 Table 2
9. Acknowledgements 9. Acknowledgements
Many thanks to Christian Jacquenet and Michael Richardson for the Many thanks to Christian Jacquenet and Michael Richardson for the
review. review.
Thanks to Stephen Farrell, Martin Thomson, Vittorio Bertola, Stephane Thanks to Stephen Farrell, Martin Thomson, Vittorio Bertola, Stephane
Bortzmeyer, Ben Schwartz, Iain Sharp, and Chris Box for the comments. Bortzmeyer, Ben Schwartz, Iain Sharp, and Chris Box for the comments.
Thanks to Mark Nottingham for the feedback on HTTP redirection. Thanks to Mark Nottingham for the feedback on HTTP redirection that
was discussed in previous versions of this specification.
The use of DHCP to retrieve an authentication domain name was The use of DHCP to retrieve an authentication domain name was
discussed in Section 7.3.1 of [RFC8310] and discussed in Section 7.3.1 of [RFC8310] and
[I-D.pusateri-dhc-dns-driu]. [I-D.pusateri-dhc-dns-driu].
Thanks to Bernie Volz for the review of the DHCP part. Thanks to Bernie Volz for the review of the DHCP part.
10. Contributing Authors 10. Contributing Authors
Nicolai Leymann Nicolai Leymann
skipping to change at page 18, line 8 skipping to change at page 19, line 30
<https://papers.mathyvanhoef.com/dragonblood.pdf>. <https://papers.mathyvanhoef.com/dragonblood.pdf>.
[Evil-Twin] [Evil-Twin]
The Unicode Consortium, "Evil twin (wireless networks)", The Unicode Consortium, "Evil twin (wireless networks)",
<https://en.wikipedia.org/wiki/ <https://en.wikipedia.org/wiki/
Evil_twin_(wireless_networks)>. Evil_twin_(wireless_networks)>.
[I-D.ietf-add-ddr] [I-D.ietf-add-ddr]
Pauly, T., Kinnear, E., Wood, C. A., McManus, P., and T. Pauly, T., Kinnear, E., Wood, C. A., McManus, P., and T.
Jensen, "Discovery of Designated Resolvers", Work in Jensen, "Discovery of Designated Resolvers", Work in
Progress, Internet-Draft, draft-ietf-add-ddr-05, 31 Progress, Internet-Draft, draft-ietf-add-ddr-06, 4 April
January 2022, <https://www.ietf.org/archive/id/draft-ietf- 2022, <https://www.ietf.org/archive/id/draft-ietf-add-ddr-
add-ddr-05.txt>. 06.txt>.
[I-D.ietf-add-svcb-dns] [I-D.ietf-add-svcb-dns]
Schwartz, B., "Service Binding Mapping for DNS Servers", Schwartz, B., "Service Binding Mapping for DNS Servers",
Work in Progress, Internet-Draft, draft-ietf-add-svcb-dns- Work in Progress, Internet-Draft, draft-ietf-add-svcb-dns-
02, 1 February 2022, <https://www.ietf.org/archive/id/ 02, 1 February 2022, <https://www.ietf.org/archive/id/
draft-ietf-add-svcb-dns-02.txt>. draft-ietf-add-svcb-dns-02.txt>.
[I-D.ietf-dprive-dnsoquic] [I-D.ietf-dprive-dnsoquic]
Huitema, C., Dickinson, S., and A. Mankin, "DNS over Huitema, C., Dickinson, S., and A. Mankin, "DNS over
Dedicated QUIC Connections", Work in Progress, Internet- Dedicated QUIC Connections", Work in Progress, Internet-
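Review bot: The [Evil-Twin] entry credits "The Unicode Consortium" as the author of a Wikipedia article, which reads like a copy-and-paste error from another reference; the author should be "Wikipedia" (or omitted, as is usual for web pages) and, because the page has no fixed version, an access date should be given. The [I-D.ietf-add-ddr] bump to -06 is consistent: version, date and URL are all updated together.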
 End of changes. 41 change blocks. 
130 lines changed or deleted 186 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/