add privacy section

This commit is contained in:
Aaron Kaplan 2013-12-25 19:54:20 +01:00
parent 86896da51d
commit 85c5dd6c5b
2 changed files with 79 additions and 70 deletions

View file

@ -89,11 +89,12 @@ Table of Contents
3.7. Additional Fields Registry . . . . . . . . . . . . . . . . 7 3.7. Additional Fields Registry . . . . . . . . . . . . . . . . 7
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7
6. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 6. Privacy Considerations . . . . . . . . . . . . . . . . . . . . 7
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 7
7.1. Normative References . . . . . . . . . . . . . . . . . . . 7 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.2. References . . . . . . . . . . . . . . . . . . . . . . . . 8 8.1. Normative References . . . . . . . . . . . . . . . . . . . 8
7.3. Informative References . . . . . . . . . . . . . . . . . . 9 8.2. References . . . . . . . . . . . . . . . . . . . . . . . . 8
8.3. Informative References . . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9
@ -107,7 +108,6 @@ Table of Contents
Dulaunoy, et al. Expires June 28, 2014 [Page 2] Dulaunoy, et al. Expires June 28, 2014 [Page 2]
Internet-Draft Passive DNS - Common Output Format December 2013 Internet-Draft Passive DNS - Common Output Format December 2013
@ -355,7 +355,27 @@ Internet-Draft Passive DNS - Common Output Format December 2013
This memo includes no request to IANA. This memo includes no request to IANA.
6. Security Considerations 6. Privacy Considerations
Passive DNS Servers collect DNS answers from multiple collecting
points ("sensors") which are located on the Internet-facing side of
DNS recursors. In this process, they intentionally omit the source
IP, source port, destination IP and destination port. Furthermore,
since multiple sensors feed into a passive DNS server, the resulting
data gets mixed together, reducing the likelyhood that Passive DNS
Servers are able to find out much about the actual person querying
the DNS records nor who actually sent the query. In this sense,
passive DNS Servers are similar to keeping an archive of all previous
phone books -- if public DNS records can be compared to phone
numbers, as they often are. Nevertheless, the authors encourage
Passive DNS implementors to take special care of privacy issues.
draft-bortzmeyer-dnsop-dns-privacy-01.txt is an excellent starting
point for this. Finally, the overall recommendations in RFC6973
[RFC6973] should be taken into consideration when designing any
application which uses Passive DNS data.
7. Security Considerations
In some cases, Passive DNS output might contain confidential In some cases, Passive DNS output might contain confidential
information and its access might be restricted. When a user is information and its access might be restricted. When a user is
@ -363,9 +383,17 @@ Internet-Draft Passive DNS - Common Output Format December 2013
sensitivity of the data must be considered. sensitivity of the data must be considered.
7. References 8. References
7.1. Normative References
Dulaunoy, et al. Expires June 28, 2014 [Page 7]
Internet-Draft Passive DNS - Common Output Format December 2013
8.1. Normative References
[RFC1034] Mockapetris, P., "Domain names - concepts and facilities", [RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, November 1987. STD 13, RFC 1034, November 1987.
@ -385,14 +413,6 @@ Internet-Draft Passive DNS - Common Output Format December 2013
[RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912, [RFC3912] Daigle, L., "WHOIS Protocol Specification", RFC 3912,
September 2004. September 2004.
Dulaunoy, et al. Expires June 28, 2014 [Page 7]
Internet-Draft Passive DNS - Common Output Format December 2013
[RFC4627] Crockford, D., "The application/json Media Type for [RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627, July 2006. JavaScript Object Notation (JSON)", RFC 4627, July 2006.
@ -403,7 +423,12 @@ Internet-Draft Passive DNS - Common Output Format December 2013
"Deprecating the "X-" Prefix and Similar Constructs in "Deprecating the "X-" Prefix and Similar Constructs in
Application Protocols", BCP 178, RFC 6648, June 2012. Application Protocols", BCP 178, RFC 6648, June 2012.
7.2. References [RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J.,
Morris, J., Hansen, M., and R. Smith, "Privacy
Considerations for Internet Protocols", RFC 6973,
July 2013.
8.2. References
[BAILIWICK] [BAILIWICK]
"Passive DNS Hardening", 2010, <https:// "Passive DNS Hardening", 2010, <https://
@ -416,6 +441,14 @@ Internet-Draft Passive DNS - Common Output Format December 2013
[DNSDB] "DNSDB API", 2013, <https://api.dnsdb.info/>. [DNSDB] "DNSDB API", 2013, <https://api.dnsdb.info/>.
Dulaunoy, et al. Expires June 28, 2014 [Page 8]
Internet-Draft Passive DNS - Common Output Format December 2013
[PDNSCERTAT] [PDNSCERTAT]
"pDNS presentation at 4th Centr R&D workshop Frankfurt Jun "pDNS presentation at 4th Centr R&D workshop Frankfurt Jun
5th 2012", 2012, <http://www.centr.org/system/files/ 5th 2012", 2012, <http://www.centr.org/system/files/
@ -441,15 +474,7 @@ Internet-Draft Passive DNS - Common Output Format December 2013
"Passive DNS Replication", 2005, <http://www.enyo.de/fw/ "Passive DNS Replication", 2005, <http://www.enyo.de/fw/
software/dnslogger/first2005-paper.pdf>. software/dnslogger/first2005-paper.pdf>.
8.3. Informative References
Dulaunoy, et al. Expires June 28, 2014 [Page 8]
Internet-Draft Passive DNS - Common Output Format December 2013
7.3. Informative References
[I-D.narten-iana-considerations-rfc2434bis] [I-D.narten-iana-considerations-rfc2434bis]
Narten, T. and H. Alvestrand, "Guidelines for Writing an Narten, T. and H. Alvestrand, "Guidelines for Writing an
@ -462,6 +487,24 @@ Internet-Draft Passive DNS - Common Output Format December 2013
July 2003. July 2003.
Dulaunoy, et al. Expires June 28, 2014 [Page 9]
Internet-Draft Passive DNS - Common Output Format December 2013
Authors' Addresses Authors' Addresses
Alexandre Dulaunoy Alexandre Dulaunoy
@ -497,14 +540,6 @@ Authors' Addresses
URI: https://www.farsightsecurity.com/ URI: https://www.farsightsecurity.com/
Dulaunoy, et al. Expires June 28, 2014 [Page 9]
Internet-Draft Passive DNS - Common Output Format December 2013
Henry Stern Henry Stern
Farsight Security, Inc. Farsight Security, Inc.
1741 Brunswick Street, Suite 500 1741 Brunswick Street, Suite 500
@ -521,40 +556,5 @@ Internet-Draft Passive DNS - Common Output Format December 2013
Dulaunoy, et al. Expires June 28, 2014 [Page 10] Dulaunoy, et al. Expires June 28, 2014 [Page 10]

View file

@ -17,6 +17,7 @@
<!ENTITY RFC3912 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3912.xml"> <!ENTITY RFC3912 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3912.xml">
<!ENTITY RFC6648 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6648.xml"> <!ENTITY RFC6648 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6648.xml">
<!ENTITY RFC2234 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2234.xml"> <!ENTITY RFC2234 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2234.xml">
<!ENTITY RFC6973 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.6973.xml">
<!ENTITY I-D.narten-iana-considerations-rfc2434bis SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.narten-iana-considerations-rfc2434bis.xml"> <!ENTITY I-D.narten-iana-considerations-rfc2434bis SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.narten-iana-considerations-rfc2434bis.xml">
]> ]>
@ -268,6 +269,13 @@ CR = %x0D
<t>This memo includes no request to IANA.</t> <t>This memo includes no request to IANA.</t>
</section> </section>
<section anchor="Privacy" title="Privacy Considerations">
<t>Passive DNS Servers collect DNS answers from multiple collecting points ("sensors") which are located on the Internet-facing side of DNS recursors. In this process, they intentionally omit the source IP, source port, destination IP and destination port. Furthermore, since multiple sensors feed into a passive DNS server, the resulting data gets mixed together, reducing the likelyhood that Passive DNS Servers are able to find out much about the actual person querying the DNS records nor who actually sent the query. In this sense, passive DNS Servers are similar to keeping an archive of all previous phone books -- if public DNS records can be compared to phone numbers, as they often are.
Nevertheless, the authors encourage Passive DNS implementors to take special care of privacy issues. <!-- FIXME: add reference / link --> draft-bortzmeyer-dnsop-dns-privacy-01.txt is an excellent starting point for this.
Finally, the overall recommendations in <xref target="RFC6973">RFC6973</xref> should be taken into consideration when designing any application which uses Passive DNS data.</t>
</section>
<section anchor="Security" title="Security Considerations"> <section anchor="Security" title="Security Considerations">
<t>In some cases, Passive DNS output might contain confidential information and its access might be restricted. When a user is querying multiple Passive DNS and aggregating the data, the sensitivity of the data must be considered.</t> <t>In some cases, Passive DNS output might contain confidential information and its access might be restricted. When a user is querying multiple Passive DNS and aggregating the data, the sensitivity of the data must be considered.</t>
</section> </section>
@ -300,6 +308,7 @@ CR = %x0D
&RFC3597; &RFC3597;
&RFC6648; &RFC6648;
&RFC2234; &RFC2234;
&RFC6973;
</references> </references>
<references> <references>
<reference anchor="WEINERPDNS" target="http://www.enyo.de/fw/software/dnslogger/first2005-paper.pdf"> <reference anchor="WEINERPDNS" target="http://www.enyo.de/fw/software/dnslogger/first2005-paper.pdf">