[Cryptography] Novelty versus reuse

Bill Woodcock woody at pch.net
Tue Jun 29 17:54:58 EDT 2021


> On Monday, June 28th, 2021 at 10:10 AM, Bill Woodcock <woody at pch.net> wrote:
>> So, I’m not a cryptographer. At all. Could any of y’all who actually are help me understand why this:
>> draft-irtf-cfrg-rsa-blind-signatures-00
>> …is preferable for authenticating DoH clients to DoH servers, rather than using, say, realm auth, or client certificates? In, you know, explain-like-I’m-five language?
>> 
>> I get that realm auth and client certs are really old, but what would make them less appropriate for this task, and is the RSA blind signature thing standardized enough in other contexts that it’s no more work to implement on an HTTPS connection than a client cert or realm auth would be?
> 
> On Jun 29, 2021, at 11:42 PM, Lee Clagett <forum at leeclagett.com> wrote:
> Is this for their new "oblivious dns over https" ?

No, it’s for split-horizon… one client gets one answer, a different client gets a different answer, but you have to be able to persistently and reliably identify and distinguish the clients from each other, and you need the clients to not be trivially spoofed, so someone can’t impersonate a different client to get a different answer or false-flag a different user. The server already knows who the clients are, because it issued them the credentials associated with the different groups that get the different answers, there’s no anonymity.

There isn’t a protocol or anything, it’s just user organizations wanting their DNS providers to be able to implement split-horizon for their users.  It used to be that you had users sitting in an office, and if they were physically sitting in an office, they were deemed “secure” and they got the “inside-the-firewall” answer, whereas if they were at home, they were “insecure” and got the “outside-the-firewall” answer. Then came VPNs, so people could work from home, and tunnel their traffic back to the office, getting the inside answer.  Then came the Internet-of-Shit, ensuring that anything connected to the home network would immediately become infected, which made VPNs kinda useless, but because only a few executives got to use them, infinite thrust made the pigs fly.  Then came COVID, and suddenly everybody was working from home, and “endpoint security” became a thing.  So, now the DNS has to support “endpoint security” which means yet more DNS-camel, and we’re all trying to figure out how best to respond to it.  We figured TLS client cert would be sufficient, and started down that path, but now Cloudflare has published this draft, so I’m trying to figure out, as a non-expert, if there’s any merit to doing it this way, rather than just using TLS client certs, which everybody already understands, warts and all.

                                -Bill
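What blinding does to the issuer's view, as an added example (not part of the original message, and textbook RSA rather than the encoding specified in the draft named above): a verified token is consistent with every issuance record, so it cannot tell the server which group the presenter belongs to, which is the identification the message says split-horizon needs. The toy key, the account names and the helper names are constructed for illustration.

```python
import hashlib
import math
import secrets

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # issuer's private exponent

def h(msg: bytes) -> int:
    """Hash a message to an integer mod N (stand-in for a real encoding)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def blind(msg: bytes):
    """Client: hide h(msg) behind a random factor r before sending it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (h(msg) * pow(r, E, N)) % N, r

def issue(blinded: int) -> int:
    """Issuer: sign whatever number arrives; it never sees msg."""
    return pow(blinded, D, N)

def unblind(blind_sig: int, r: int) -> int:
    """Client: strip r to obtain an ordinary signature on msg."""
    return (blind_sig * pow(r, -1, N)) % N

def verify(msg: bytes, sig: int) -> bool:
    return pow(sig, E, N) == h(msg)

def consistent(blinded: int, msg: bytes, sig: int) -> bool:
    """Issuer's linking attempt: does some r tie this log entry to this token?"""
    r = (issue(blinded) * pow(sig, -1, N)) % N
    return (h(msg) * pow(r, E, N)) % N == blinded

def demo():
    log, tokens = {}, {}                       # issuer's record: account -> blinded value
    for account in ("inside-group-user", "outside-group-user"):  # hypothetical accounts
        msg = secrets.token_bytes(16)          # client-chosen token, never sent at issuance
        blinded, r = blind(msg)
        log[account] = blinded
        tokens[account] = (msg, unblind(issue(blinded), r))
    msg, sig = tokens["inside-group-user"]     # token later presented to the resolver
    return verify(msg, sig), {a: consistent(b, msg, sig) for a, b in log.items()}

if __name__ == "__main__":
    print(demo())
```

Both log entries come back as consistent with the one presented token, so the issuer's records do not single out an account; a TLS client certificate, by contrast, names its holder on every connection.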
