* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Dprive Status Pages

DNS PRIVate Exchange (Active WG)
Int Area: Suresh Krishnan, Terry Manderson | 2014-Oct-17 —  

2017-10-06 charter

DNS PRIVate Exchange (dprive)


 Current Status: Active

     Brian Haberman <brian@innovationslab.net>
     Tim Wicinski <tjw.ietf@gmail.com>

 Internet Area Directors:
     Suresh Krishnan <suresh@kaloom.com>
     Terry Manderson <terry.manderson@icann.org>

 Internet Area Advisor:
     Terry Manderson <terry.manderson@icann.org>

 Mailing Lists:
     General Discussion: dns-privacy@ietf.org
     To Subscribe:       https://www.ietf.org/mailman/listinfo/dns-privacy
     Archive:            https://mailarchive.ietf.org/arch/browse/dns-privacy/

Description of Working Group:

  The DNS PRIVate Exchange (DPRIVE) Working Group develops mechanisms to
  provide confidentiality to DNS transactions, to address concerns
  surrounding pervasive monitoring (RFC 7258).

  The set of DNS requests that an individual makes can provide an
  attacker with a large amount of information about that individual.
  DPRIVE aims to deprive the attacker of this information. (The IETF
  defines pervasive monitoring as an attack [RFC7258])

  The primary focus of this Working Group is to develop mechanisms that
  provide confidentiality between DNS Clients and Iterative Resolvers,
  but it may also later consider mechanisms that provide confidentiality
  between Iterative Resolvers and Authoritative Servers, or provide
  end-to-end confidentiality of DNS transactions. Some of the results of
  this working group may be experimental. The Working Group will also
  develop an evaluation document to provide methods for measuring the
  performance against pervasive monitoring; and how well the goal is met.
  The Working Group will also develop a document providing example
  assessments for common use cases.

  DPRIVE is chartered to work on mechanisms that add confidentiality to
  the DNS. While it may be tempting to solve other DNS issues while
  adding confidentiality, DPRIVE is not the working group to do this.
  DPRIVE will not work on any integrity-only mechanisms.

  Examples of the sorts of risks that DPRIVE will address can be found
  in [draft-bortzmeyer-dnsop-dns-privacy], and include both passive
  wiretapping and more active attacks, such as MITM attacks. DPRIVE will
  address risks to end-users' privacy (for example, which websites an
  end user is accessing).

  Some of the main design goals (in no particular order) are:

  - Provide confidentiality to DNS transactions (for the querier).

  - Maintain backwards compatibility with legacy DNS implementations.

  - Require minimal application-level changes.

  - Require minimal additional configuration or effort from applications or users

Goals and Milestones:
  Done     - WG LC on an problem statement document
  Done     - WG selects one or more primary protocol directions
  Done     - WG LC on primary protocol directions

All charter page changes, including changes to draft-list, rfc-list and milestones:

Generated from PyHt script /wg/dprive/charters.pyht Latest update: 24 Oct 2012 16:51 GMT -