---------- Forwarded message ---------- From: Watson Ladd Date: Thu, Mar 29, 2018 at 1:27 PM Subject: SECDIR review of draft-hoffman-dns-in-json To: "" , saag@ietf.org, draft-hoffman-dns-in-json.all@tools.ietf.org Dear all, I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments. The summary of the review is ready with issues. I have some very strong reservations about defining a data format without some strong round-tripping guarantees and with as much flexibility as this one. The JSON format for DNS packets is intended to permit representation of malformed packets, and has a high degree of flexibility, with an intent that applications define profiles of it for themselves. There are considerable security implications to doing this not addressed in the Security Implications section, in addition to obvious interoperability issues. For example, if we have a filter for JSON representations of DNS packets, this filter must share the same semantics for the output JSON as the consumer, even in the face of such bizzarities as HEX and regular fields with different contents, malformed length fields, etc. etc. I expect that this can and will cause serious issues. I would suggest we not represent invalid packets and ensure all valid packets have a unique representation. Failing that the security consideration should at minimum be amended to include a discussion of these issues. A schema that can be used to validate DNS packets represented in JSON could also help address these problems. Sincerely, Watson Ladd -- "Man is born free, but everywhere he is in chains". --Rousseau.