IETF Logo Mail Archive

Re: [Add] Mozilla's DoH resolver policy

Wes Hardaker <wjhns1@hardakers.net> Fri, 12 April 2019 16:02 UTC

Return-Path: <wjhns1@hardakers.net>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D55FC1202E0 for <add@ietfa.amsl.com>; Fri, 12 Apr 2019 09:02:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WM3hBzRaTmnq for <add@ietfa.amsl.com>; Fri, 12 Apr 2019 09:02:33 -0700 (PDT)
Received: from mail.hardakers.net (mail.hardakers.net [168.150.192.181]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F30C1200E6 for <add@ietf.org>; Fri, 12 Apr 2019 09:02:32 -0700 (PDT)
Received: from localhost (unknown [10.0.0.3]) by mail.hardakers.net (Postfix) with ESMTPA id AB71B206EE; Fri, 12 Apr 2019 09:02:31 -0700 (PDT)
From: Wes Hardaker <wjhns1@hardakers.net>
To: Peter Saint-Andre <stpeter@mozilla.com>
Cc: Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>, Ralf Weber <dns@fl1ger.de>, Martin Thomson <mt@lowentropy.net>, add@ietf.org
References: <297C80CE-F017-4F4A-80E2-79941E8B9E02@icann.org> <b64761dc-dfab-e4e1-4bfb-82d607efa590@riseup.net> <alpine.LRH.2.21.1904101324530.9940@bofh.nohats.ca> <64aeff58-6d68-4c4f-b991-2b2f62d193a0@www.fastmail.com> <90A5C5C4-373C-4B39-80C2-C115CD23CB4D@fl1ger.de> <994839978.18707.1554973716877@appsuite.open-xchange.com> <af5f5c76-0095-65a0-39d1-d29d4bb0e906@mozilla.com>
Date: Fri, 12 Apr 2019 09:02:31 -0700
In-Reply-To: <af5f5c76-0095-65a0-39d1-d29d4bb0e906@mozilla.com> (Peter Saint-Andre's message of "Thu, 11 Apr 2019 10:02:45 -0600")
Message-ID: <ybl36mn8b54.fsf@w7.hardakers.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/LgLmF7dzjkWg14D0fkKi7UdnQXw>
Subject: Re: [Add] Mozilla's DoH resolver policy
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2019 16:02:36 -0000

Peter Saint-Andre <stpeter@mozilla.com> writes:

> We (Mozilla) do not want to encourage centralization, which is why we
> have published criteria for becoming a trusted recursive resolver within
> Firefox.

There are problem with this:

1) Regardless of how many items you have listed, most of your users will
take the default.  Have you considered randomly selecting defaults for
each user?  If they all pass your policy test, then this should be
acceptable?

2) Regardless of how many items you have listed, and which one a
particular user may select, you're still providing centralization from
their point of view.  It doesn't matter how many in the list there are
if all a given users queries still arrive at the same place.  That's
still centralization.  Have you considered randomly rotating all queries
through every item in the list, or turning the list into a series of
checkboxes instead of a single-choice radio dialog to avoid centralizing
my privacy (which suddenly becomes less private)?

-- 
Wes Hardaker
USC/ISI

v2.23.0 | Report a Bug | By Email