ietf-openpgp
[Top] [All Lists]

Re: [openpgp] [dane] The DANE draft

2015-08-05 12:43:24
On 5 Aug 2015, at 8:25, Stephen Farrell wrote:

On 05/08/15 16:12, Paul Hoffman wrote:
Wearing my author hat: I don't care between b32 and hashing. Both are
equally easy to document. However:

On 5 Aug 2015, at 4:28, Stephen Farrell wrote:

So sorry to continue an argument but shouldn't this experiment be
a more conservative about privacy just in case it ends up wildly
successful?

How is using the hash more conservative about privacy, except in zones
that are signed with NSEC instead of the more common NSEC3? If you
assume zones signed with NSEC3, both options are equally susceptible to
dictionary-based guessing attacks, given that the effort to create
search dictionaries for the billion of common LHS names is pretty low
even for hashes.

Tempora. That on-path attacker has a far easier time reversing the
b32 than anything based on the hash. Even with DPRIVE, we don't know
how to handle the recursive to authoritative part.

Thanks, I was only thinking of off-path attackers.

I agree that, if we are concerned with on-path watchers, hashes would preserve much more privacy than Base32 encodings.

--Paul Hoffman

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp