Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-detection-00

Jim Reid <jim@rfc1035.com> Tue, 16 July 2019 17:25 UTC

From: Jim Reid <jim@rfc1035.com>
In-Reply-To: <c9c83673-c12e-0093-3873-0f2c03155fa5@brokendns.net>
Date: Tue, 16 Jul 2019 18:25:49 +0100
Cc: add@ietf.org
Message-Id: <53A70CFB-4191-41F9-A33E-047E0F092B66@rfc1035.com>
To: Michael Sinatra <michael@brokendns.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/D1jkd0Q9u7E5Q0q2a-A19jzlTGk>
List-Id: Applications Doing DNS <add.ietf.org>


> On 16 Jul 2019, at 17:33, Michael Sinatra <michael@brokendns.net> wrote:
> 
> Unless we find ways of making DoH compatible with institutional controls, the banhammer will come down and we will end up in an arguably worse spot (think proxy decryption of all HTTPS, banning of certain browsers, blocking of well-known services, etc.).  Personally, I don't want that to happen, but I fear it will if we don't make DoH more flexible by default.

Obligatory nit-picking:

What you're actually talking about here is one deployment/application of DoH, not the protocol itself. The basic protocol is fine (pretty much). It's how the protocol gets used that can create problems. DoH doesn't have to or need to become "compatible with institutional controls". It's the applications and services which use DoH that might have to do that.

FWIW, I agree with what you say if "DoH" was replaced with "DoH deployment".