commit 90e4cfc05fcaa4a1312ae3823d5c78b68b4a0972
parent 994294bf7206c0807065bbb730a316ca43cf7c68
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Tue, 8 Mar 2022 22:48:08 +0100
rename label guessing to zone privacy; add authenticated denial
Diffstat:
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -2458,7 +2458,7 @@ NICK: john (Supplemental)
</t>
</section>
<section anchor="security_dht" numbered="true" toc="default">
- <name>Impact of DHTs as Underlying Storage</name>
+ <name>DHTs as Storage</name>
<t>
This document does not specify the properties of the underlying
storage which is required by any GNS implementation.
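Review bot: The title change from "Impact of DHTs as Underlying Storage" to "DHTs as Storage" is not mentioned in the commit subject, which only covers the label guessing rename and authenticated denial. Either mention it in the commit message or move it to its own commit so the history stays searchable. The anchor security_dht is unchanged, so references by anchor keep working.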
@@ -2514,8 +2514,9 @@ NICK: john (Supplemental)
</ol>
</section>
<section anchor="privacy_labels" numbered="true" toc="default">
- <name>Label Guessing</name>
+ <name>Zone Privacy</name>
<t>
+ GNS does not support authenticated denial of existence.
Record blocks are published in encrypted form using keys derived from the
zone key and record label. Zone administrators should
carefully consider if the label and zone key may be public or if
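Review bot: The added sentence "GNS does not support authenticated denial of existence." opens the paragraph with no link to the following text about encrypted record blocks, so a reader cannot tell why it belongs under "Zone Privacy" or what follows from it. Add a sentence stating what the absence of authenticated denial means for zone privacy, or place the statement where it is motivated. The commit subject says "add authenticated denial" while the text states that GNS does not support it, so wording such as "note lack of authenticated denial" would be less misleading. The anchor privacy_labels still reflects the old section title; decide whether it should follow the rename.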
@@ -2523,7 +2524,7 @@ NICK: john (Supplemental)
Unlike zone keys, labels can also be guessed by
an attacker in the network observing queries and responses. Given
a known and targeted zone key, the use of well known or easily guessable
- labels effectively result in general disclosure of the records to
+ labels effectively results in general disclosure of the records to
the public.
If the labels and hence the records should be kept secret except to
those knowing a secret label and the zone in which to look, the
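Review bot: In the sentence this hunk corrects, "well known" in the context line just above the change modifies "labels" as a compound adjective and should be hyphenated: "well-known or easily guessable labels". Since the hunk already touches this sentence for grammar, fold that fix in. The change from "result" to "results" is right, as the subject is "the use".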