Paul Vixie wrote:

> red wrote:
>
>>For NL it was b) and only b), and it was also recognised that,
>>indeed, it is a whois and not a DNS problem.
>
> (where "b)" was non-enumeration.)
>
> non-enumeration as a baseline for what confidentiality means is instructive.
> the folks i've spoken to who care about this characterize it as "if you know
> the domain name exists you should be able to retrieve data about it, else not."
> and when faced with the "rrtype" question, they universally amend it to say
> "and if you know what rrtypes exist you should be able to ask for rdata, else
> not."
>
> so, confidentiality doesn't have to mean "if you know something that only a
> friend or customer or supplier would normally know then you can retrieve
> data about this domain, else not".
>
> but it probably would mean "if you're not the initiator but you happen to be
> able to monitor the transaction in flight, you should not learn any names or
> data". this is the second tricky part after non-enumerability, and seems to
> imply a full DH preauth between each initiator/responder pair. yow!


Hmmm, not necessarily DH. And, indeed, DH would not prevent active attacks.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: