IETF Logo Mail Archive

Re: [Add] fixing coffee shop brokenness with DoH

Joseph Lorenzo Hall <joe@cdt.org> Wed, 24 July 2019 14:03 UTC

Return-Path: <jhall@cdt.org>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A61012032A for <add@ietfa.amsl.com>; Wed, 24 Jul 2019 07:03:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cdt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qq1EGDkdV0WZ for <add@ietfa.amsl.com>; Wed, 24 Jul 2019 07:03:56 -0700 (PDT)
Received: from mail-io1-xd33.google.com (mail-io1-xd33.google.com [IPv6:2607:f8b0:4864:20::d33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0669512033C for <add@ietf.org>; Wed, 24 Jul 2019 07:03:51 -0700 (PDT)
Received: by mail-io1-xd33.google.com with SMTP id f4so89827608ioh.6 for <add@ietf.org>; Wed, 24 Jul 2019 07:03:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Trv1y6VOhENWa50rcMgZHUaDTB6VrNen0VZw94eMR6c=; b=lZ+OO0qstgz3XAdhKg+r8fFXxi/rW5zEBdw+nGRJ2JhBAKSxDpwCqrX7r8O5gHOJQQ 5AKYaKdKnFdx40ZPKuZpaOsN5EfxcL4Nw+ZUJT2WH0XozM0kE7//f48XvtDGc15jSWyd zsFjT6pYuL6uhBtR8rYayiBzrVnwnohXJiv2g=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Trv1y6VOhENWa50rcMgZHUaDTB6VrNen0VZw94eMR6c=; b=t0Q0DNvFwR3zvCxg2ItT5eyUmB7K7kRkPZ/l6BmOYDu6Ep3ymMtExSpetRI386VtZP WjGCMFTOxIWfagBM+sMf3KkbORIxUbAaTd2eC3c2o49iSV4YHJ+tVpZT0Dci/QHfIvqD 7IAG/RxnykkI0Iq9T1CFaGo/lw9q+lMiZ/gpc4u7B20A/wwacwSQMtUJBbkIQ7rQqhFl rBeNm4ACejiYCM9tO0PyJnuNfKLRx1XiJyiszkRnPzKCUXYTQlu3Rx8laKmSoMCdXgLQ WoAPx2GXjbdQfaQLUzZxYG0krkd4vL/MLRhJOBRenlvC6/c1tsOOHRqs65k2OgEypaGf ESuQ==
X-Gm-Message-State: APjAAAXeLaG8FiiLPw7H4yZXaLjv4k2rc9yVmQfmKNNMUIw1MTbWBwGs xBZmm13JKJDbeYEIdZdafyepqN/ZWnMkOgXlbBO+niYmvbj2ZA==
X-Google-Smtp-Source: APXvYqztKYOlHVYa7FhTysAamJsUZknng/sXRmqJ6axu2w6OIEKxwGBBMeVDuLYA+0MKSHhQR8NXX8VvFc6nD987o0g=
X-Received: by 2002:a6b:5115:: with SMTP id f21mr27648294iob.173.1563977029795; Wed, 24 Jul 2019 07:03:49 -0700 (PDT)
MIME-Version: 1.0
References: <CAChr6Sx9TEt6CMzRRrdb-HwT_k987oW=4yF1FCbDF17zkaE2Vg@mail.gmail.com> <2D09D61DDFA73D4C884805CC7865E6114E23910C@GAALPA1MSGUSRBF.ITServices.sbc.com> <14DF8769-A817-4C06-9140-80198518244F@akamai.com> <CAChr6SzH1EycAr5n+dK5BQcG=0Zsw66qE=8Rptvq7SEoEvQQ=Q@mail.gmail.com> <E5A0DAE2-A718-41EA-B490-58ABD0F31CF2@rfc1035.com> <CAChr6SzvUZS4Ru_SttiZgWtjwBuLrzc_fdewq9w-Ts+Rq_oNHw@mail.gmail.com> <9E8BD2C4-D750-4B8C-BA34-AC4425F2951D@gmail.com> <CAChr6Szo+1x6BnU2XH2A0o7CTQrQhFVPYezR7KQVLw-nWToULg@mail.gmail.com> <MN2PR21MB12134C6B57220E1B8BF5C811FAC60@MN2PR21MB1213.namprd21.prod.outlook.com> <CABtrr-Ue6rAom3ubJc_tPbn37T8HPGPabzX=CxT9UmiicbUtXQ@mail.gmail.com> <520325278.24189.1563973538937@appsuite-gw1.open-xchange.com>
In-Reply-To: <520325278.24189.1563973538937@appsuite-gw1.open-xchange.com>
From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Wed, 24 Jul 2019 10:03:38 -0400
Message-ID: <CABtrr-U-Pm0hG1W_c8fOzEzofGUYdKf3f_ErMx=Q2riUHaDTAQ@mail.gmail.com>
To: Vittorio Bertola <vittorio.bertola@open-xchange.com>
Cc: "add@ietf.org" <add@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004c8624058e6dc75e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/GteBOWO1f46_zhFjZTXx99uX-sw>
Subject: Re: [Add] fixing coffee shop brokenness with DoH
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Jul 2019 14:04:03 -0000

On Wed, Jul 24, 2019 at 9:05 AM Vittorio Bertola <
vittorio.bertola@open-xchange.com> wrote:

>
> Il 24 luglio 2019 12:19 Joseph Lorenzo Hall <joe@cdt.org> ha scritto:
>
>
>
>
> On Tue, Jul 23, 2019 at 22:26 Tommy Jensen <Jensen.Thomas=
> 40microsoft.com@dmarc..ietf.org <40microsoft.com@dmarc.ietf.org>> wrote:
>
> > Are people selling DNS logs to ad tech companies? Is that the ecosystem
> being disrupted?
>
> Given how many valid points have been brought up in the last few weeks
> about the drawbacks of centralized app-configured DNS, I don’t think the
> glib tone is constructive.
>
>
> Tone aside, to some users, centralization is a benefit in that they don't
> have a bunch of unknown privacy policies applying to the resolution of the
> names they need. For example, the privacy policy of 1.1.1.1 is pretty
> amazing from the perspective of data retention, secondary uses, etc. (e.g.,
> I know my resolutions will be removed from their logs within 24 hours).
>
> This may seem small but it seems to be lost in the centralization/choice
> discussion.
>
> What you seem to want above, however, is not made possible by
> centralization, but by user choice, i.e. the user being able to tell all
> the applications to use a specific resolver that has a privacy policy they
> like. Centralization might make your choice easier, since you have less
> privacy policies to compare, but might also make it impossible for you to
> find one that you actually like - the fewer they are, the easier it is for
> them to form a cartel and impose conditions that are only good for them.
>
>
These are good points... in the case I'm talking about it's definitely
having user choice, having understandable privacy policies (to people like
me, not end-users necessarily), and having usable ways of turning this on
(e.g., the 1.1.1.1 app from Cloudflare or the Intra app from Google for
older Android to use DoT).


> (I will also note that all this focus on privacy policies is a U.S. bias -
> in Europe, all resolvers have a pretty restrictive basic privacy policy
> which is mandated by the requirements of the GDPR, though of course there
> still are differences that deserve giving users a choice.)
>

So true... We're actively working on generic data protection laws in the
USA, wish us luck! best, Joe

v2.23.0 | Report a Bug | By Email