Re: [Add] [Ext] Draft Posting: CNAME Discovery of Local DoH Resolvers

Ted Lemon <mellon@fugue.com> Wed, 01 July 2020 23:29 UTC

From: Ted Lemon <mellon@fugue.com>
Date: Wed, 01 Jul 2020 19:29:42 -0400
In-Reply-To: <1593646775.dG1Bvp8sRD@linux-9daj>
Cc: ADD Mailing list <add@ietf.org>
To: Paul Vixie <paul@redbarn.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/ILu20i3ZXizADFiozgmj8iJ89ME>

On Jul 1, 2020, at 7:02 PM, Paul Vixie <paul@redbarn.org> wrote:
> On Wednesday, 1 July 2020 22:51:03 UTC Ted Lemon wrote:
>> ... Did the company that sold you your
>> incandescent light bulb need to snoop on your network to make a profit?
> 
> yes.

I’m confused. Your _incandescent_ light bulb?

>> No.
> 
> it's good to know the bailiwick of our disagreement.

FWIW, I don’t think we disagree: if you have IoT devices that reach out to the cloud to work, I think blocking their access to the cloud makes perfect sense.  However, if all you block is their DNS, that’s not going to go very far toward restricting their access to the cloud.  It’ll work great for devices made by companies who are reasonably trustworthy, but not for devices that are made by companies that are crooked, nor compromised devices.
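
Added example, not part of the message above or of any project it mentions: a defender's check for the gap the last paragraph describes, flagging outbound flows whose destination the device never learned from the local resolver. The log layouts, addresses, names and the grace period are constructed assumptions.

```python
from collections import defaultdict

# Constructed resolver log: (time_s, client_ip, query_name, answer_ip, ttl_s)
DNS_LOG = [
    (100, "192.0.2.10", "api.vendor-a.example", "198.51.100.5", 300),
    (105, "192.0.2.11", "cloud.vendor-b.example", "198.51.100.9", 60),
]

# Constructed flow log from the gateway: (time_s, client_ip, dest_ip, dest_port)
FLOW_LOG = [
    (110, "192.0.2.10", "198.51.100.5", 443),  # answer from local resolver, still fresh
    (120, "192.0.2.11", "203.0.113.77", 443),  # destination never resolved locally
    (400, "192.0.2.11", "198.51.100.9", 443),  # resolved once, answer long expired
    (130, "192.0.2.12", "203.0.113.53", 853),  # client made no local queries at all
]

GRACE_S = 120  # assumed slack for clients that cache slightly past the TTL


def unresolved_flows(dns_log, flow_log, grace=GRACE_S):
    """Return flows whose (client, destination) pair has no matching,
    unexpired answer in the local resolver log.

    A finding means DNS filtering alone had no say over that connection;
    it is a lead for firewall policy, not proof of compromise.
    """
    # (client, answer_ip) -> list of (valid_from, valid_until) windows
    windows = defaultdict(list)
    for ts, client, _name, answer, ttl in dns_log:
        windows[(client, answer)].append((ts, ts + ttl + grace))

    findings = []
    for ts, client, dest, port in flow_log:
        valid = windows.get((client, dest), [])
        if not any(start <= ts <= end for start, end in valid):
            findings.append((ts, client, dest, port))
    return sorted(findings)


if __name__ == "__main__":
    for ts, client, dest, port in unresolved_flows(DNS_LOG, FLOW_LOG):
        print(f"t={ts} {client} -> {dest}:{port} not covered by local DNS")
```
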