Re: [Add] point of deploying DoH in access network (Re: meeting hum: should the IETF take up this work?)

Tony Finch <dot@dotat.at> Fri, 02 August 2019 09:52 UTC

Date: Fri, 02 Aug 2019 10:52:14 +0100
From: Tony Finch <dot@dotat.at>
To: 神明達哉 <jinmei@wide.ad.jp>
cc: Stephane Bortzmeyer <bortzmeyer@nic.fr>, "add@ietf.org" <add@ietf.org>, Barry Leiba <barryleiba.mailing.lists@gmail.com>, "STARK, BARBARA H" <bs7652@att.com>, Rob Sayre <sayrer@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/Gk-MPyNzlwxvGcLJzHbJTX3gFCU>

神明達哉 <jinmei@wide.ad.jp> wrote:
> Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
> >
> > I'm tempted to say that I don't see the point for an access network to
> > deploy DoH.
>
> I've been wondering about this, too.

University not access network, but providing encrypted DNS to my users
means DoT for most cases and DoH for Firefox users. There's also the vague
notion from the early days of DoH that JavaScript in the browser might
make DNS queries but I haven't seen any evidence of that or even any
signs of interest in the idea.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
West Viking: Northerly 3 to 5. Slight or moderate. Mainly fair. Good,
occasionally poor at first.