Re: [Last-Call] [dns-privacy] Review of draft-ietf-dprive-rfc7626-bis-03

On Wed, Jan 8, 2020, at 23:51, Eric Rescorla wrote:
> On Tue, Jan 7, 2020 at 8:28 PM Rob Sayre <sayrer@xxxxxxxxx> wrote:
> > Couldn't servers give out unique URI templates?
> 
> DoH doesn't specify how the clients get the templates. At least for a 
> Firefox-style TRR program, what you describe can't happen because there 
> is a single fixed template.

It is true that the potential for providing individualized endpoints for tracking purposes is an exposure.  In discussing 7710bis, we identified this as a risk of DHCP specifically.  IPv6 RAs by their nature generally don't have this problem, though I'm sure a network might be built in such a way as to add that capability.  Provisioning domains do.

In the new work we are likely to undertake, this is something we'll have to consider, but I don't see it as a huge issue: if you are deferring to another entity for discovery without prior expectations about what you will get, there are many ways to get into this sort of pickle.  That is, in the context of pre-existing DNS discovery, I don't believe that this creates a new exposure to this style of attack.

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call


