Op 06-11-2019 om 17:27 schreef Philip Homburg:
>> Philip Homburg pointed out that, although impractical to determine the
>> Client IP before Client Cookie construction, it is feasible for a Client
>> to detect it when it learns a Server Cookie from a specific Server.  It
>> can subsequently be tried to be reused for the same Server which will
>> fail if the Client IP has changed.
>>
>> This new (and practically implementable) requirement does not only
>> enhance privacy and make DNS Cookies work with the IPv6 Privacy
>> Extensions (by preventing tracking), it also makes them work in other
>> environments where Client source IP can change frequently, such as in
>> setups with multiple outgoing gateways.
> 
> Note that my preference was a pseudo-random client cookie. 
> 
> I can see two issues with the current approach:
> 1) I'm not sure this actually fixes the IPv6 privacy extensions problem.
>    The same client cookie can be used on different addresses if the 
>    server doesn't support cookies and the client at some point forgets
>    that the server doesn't support cookies (and sends the server the
>    same client cookie after a new privacy address is generated).
> 
> 2) As an extension of the previous, if no server supports cookies, then the
>    client will not change the Client Secret and continues to use the same
>    client cookie after it moves to new location.

Ack!

I see e need to adapt Client Construction section again. Also, these
considerations should be well expressed in a privacy and security
section as well.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop

Reply via email to