[lsd0001] branch master updated: improve English/structure in Zone Priva
From: gnunet
Subject: [lsd0001] branch master updated: improve English/structure in Zone Privacy section
Date: Sat, 01 Jul 2023 01:02:01 +0200
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository lsd0001.
The following commit(s) were added to refs/heads/master by this push:
new 22804bb improve English/structure in Zone Privacy section
22804bb is described below
commit 22804bb256e55b25a0828e41a60947949d713ef9
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sat Jul 1 01:01:56 2023 +0200
improve English/structure in Zone Privacy section
---
draft-schanzen-gns.xml | 30 +++++++++++++++---------------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index d44f7f2..1d5fcab 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -2746,26 +2746,26 @@ NICK: john (supplemental)
<t>
GNS does not support authenticated denial of existence of names
within a zone.
- Record blocks are published in encrypted form using keys derived
from the
+ Record data is published in encrypted form using keys derived from
the
zone key and record label. Zone administrators should
- carefully consider if the label and zone key is public or if
- those should be used and considered as a shared secret.
- Unlike zone keys, labels can also be guessed by
- an attacker in the network observing queries and responses. Given
- a known and targeted zone key, the use of well known or easily
guessable
- labels effectively results in general disclosure of the records to
- the public.
- If the labels and hence the records should be kept secret except to
- those knowing a secret label and the zone in which to look, the
- label must be chosen accordingly. It is recommended to then use a
- label with sufficient entropy as to prevent guessing attacks.
+ carefully consider if a label and zone key are public, or if
+ one or both of these should be used as a shared secret to restrict
access
+ to the corresponding record data.
+ Unlike public zone keys, low-entropy labels can be guessed by an
attacker. If an attacker
+ knowns the public zone key, the use of well known or guessable
+ labels effectively threatens the disclosure of the corresponding
records.
</t>
<t>
- It should be noted that this attack on labels only applies if the
+ It should be noted that the guessing attack on labels only applies
if the
zone key is somehow disclosed to the adversary. GNS itself
does not disclose it during a lookup or when resource records are
- published as the zone keys are blinded beforehand. However,
- zone keys do become public during revocation.
+ published (as only the blinded zone keys are used on the network).
+ However, zone keys do become public during revocation.
+ </t>
+ <t>
+ It is thus <bcp14>RECOMMENDED</bcp14> to use a
+ label with sufficient entropy to prevent guessing attacks
+ if any data in a resource record set is sensitive.
</t>
</section>
<section anchor="sec_governance">
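Review bot: The added sentence "If an attacker knowns the public zone key" has a typo: "knowns" should be "knows". In the same sentence, "well known or guessable labels" wants a hyphen ("well-known"), and "effectively threatens the disclosure of the corresponding records" is weaker and less clear than the removed "effectively results in general disclosure of the records"; if the intent is that guessable labels plus a known zone key let the attacker derive the decryption key, say that directly. The new <bcp14>RECOMMENDED</bcp14> paragraph leaves "sufficient entropy" unquantified, so consider giving implementers a reference point for what counts as sufficient. Since the second paragraph states that zone keys become public during revocation, it may also be worth saying explicitly that after revocation the label is the only remaining secret protecting sensitive record data.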
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.