gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lsd0001] branch master updated: privacy

From: gnunet
Subject: [lsd0001] branch master updated: privacy
Date: Sun, 19 Dec 2021 11:52:37 +0100 
This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository lsd0001.

The following commit(s) were added to refs/heads/master by this push:
     new 7a44114  privacy
7a44114 is described below

commit 7a441146f41ac2eba8531e9ce5d16c1d7feacfa5
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Sun Dec 19 11:52:33 2021 +0100

    privacy
---
 draft-schanzen-gns.xml | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 9533bac..eda15fa 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -1920,7 +1920,7 @@ example.com = zk2
          ]]></artwork>
      </section>
      <section anchor="security" numbered="true" toc="default">
-       <name>Security Considerations</name>
+       <name>Security and Privacy Considerations</name>
        <section anchor="security_crypto" numbered="true" toc="default">
          <name>Cryptography</name>
          <t>
@@ -1977,6 +1977,20 @@ example.com = zk2
            data changes. For example. the expiration time may be increased
            by a single microsecond.
          </t>
+         <t>
+           Record blocks are published encrypted using keys derived from the
+           zone public key and record label. Zone administrators should
+           carefully consider if the label may be public or if it should be
+           used and considered as a shared secret. Labels can be guessed by
+           an attacker in the network observing queries and responses. Given
+           a targeted zone public key, the use of well known or easily 
guessable
+           labels effectively result in general disclosure of the records to
+           the public.
+           If the labels and hence the records should be kept secret except to
+           those knowing a secret label and the zone in which to look, the
+           label must be chosen accordingly. It is recommended to then use a
+           label with sufficient entropy as to prevent guessing attacks.
+         </t>
        </section>
        <section anchor="security_abuse" numbered="true" toc="default">
          <name>Abuse Mitigation</name>
@@ -2099,7 +2113,8 @@ example.com = zk2
        </ul>
        <t>
          The registration policy for this sub-registry is "First Come First
-         Served", as described in <xref target="RFC8126"/>.
+         Served". This policy is modeled on that described in <xref 
target="RFC8126"/>,
+         but describes the actions taken by GANA.
          GANA is requested to populate this registry as listed in 
          <xref target="figure_rrtypenums"/>.
        </t>

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]