IETF Logo Mail Archive

Re: [Add] [Ext] Draft Posting: CNAME Discovery of Local DoH Resolvers

Tony Rutkowski <rutkowski.tony@gmail.com> Wed, 01 July 2020 22:56 UTC

Return-Path: <rutkowski.tony@gmail.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 64F4B3A0F1C for <add@ietfa.amsl.com>; Wed, 1 Jul 2020 15:56:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xGFrPdVlYXBQ for <add@ietfa.amsl.com>; Wed, 1 Jul 2020 15:56:23 -0700 (PDT)
Received: from mail-qt1-x830.google.com (mail-qt1-x830.google.com [IPv6:2607:f8b0:4864:20::830]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ACEAB3A0F1A for <add@ietf.org>; Wed, 1 Jul 2020 15:56:23 -0700 (PDT)
Received: by mail-qt1-x830.google.com with SMTP id u17so19848106qtq.1 for <add@ietf.org>; Wed, 01 Jul 2020 15:56:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=rxFoAmS2jx9kbpdr0+4P1p2lonkuCFaS1IMYxVLH+Bw=; b=Er45oCn7fECG72pI6YnK+XphStXJwETNZolsYgnZM2Ub4JQeI++X7IUIE3hAAS5+pZ G6vfUnO71BsGS8QR7v6j11HXyBzsC9UITLW4pW2SjIH8isLzjrC7AAzBOyREfSer+V0D WH4wVdi0YWNSd3xZimSIb0xXzMBocyJY0rr61SW1W771k5k8V4UZ43Nf7NryHCtL8LiI xd66hi15sJZ9VOfaDLCsIfNSJZ4Ns03gcbfKcecfaog5ukfxBk2f52FVPDzkMhFMzE73 YOlhM0JXqNlGdJnFacV9YdgjnCpZfQ3bGsIa1MgD/s6rqs523oNpEp6iGbIKdLCF6TUY 5yVw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=rxFoAmS2jx9kbpdr0+4P1p2lonkuCFaS1IMYxVLH+Bw=; b=qCx4roEdwSbnoeX8oF/z7D+64v+Oi2ILKnsNzVY4ukg0L+pMr56tXVt+H2hqD58IDp 24LwIkO2b9Z2g+xlSm1gBbx7EEHqdS1XErRC1FC/s94c59Co/SyHz6q/7O4sS4cEo/jX jg7LeaqDCZcT06QKyYFMlj/Qm8J8e2jol9KNAOqHudYqMki1v4TeMWx8u2JTDLT++B9m fZGB696wWXS55HcyAakAmCadZ/l7HVQ0rNunutxBY4P/oNnTalOjsWJ6edJjI4hQ8OqX s0R0BxsmryQi/iInFjnMcAHH5Ll+zoqTueQlq5TU+GPUB6vHjOc85nkhw9nABD87HL1o mV3Q==
X-Gm-Message-State: AOAM531ZHRv6sJkgMMIcsHh2Dnyav8/enZoXVIonE2NEHrx9zZ8hFnPX C0NiLdPQOaU8X3plR6OodBBInOScMd4=
X-Google-Smtp-Source: ABdhPJw9mEsmoq83QfAyuMCjVx8lt30wAQvvQlvVYT0T4MsZ4UT6ZUzbJ9h9Ip+46pp0PoVzJlzdew==
X-Received: by 2002:aed:247a:: with SMTP id s55mr3917079qtc.247.1593644182549; Wed, 01 Jul 2020 15:56:22 -0700 (PDT)
Received: from [192.168.1.249] (pool-70-106-222-98.clppva.fios.verizon.net. [70.106.222.98]) by smtp.gmail.com with ESMTPSA id t35sm7135145qth.79.2020.07.01.15.56.22 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 01 Jul 2020 15:56:22 -0700 (PDT)
To: Paul Vixie <paul@redbarn.org>, ADD Mailing list <add@ietf.org>
References: <CABcZeBPTkWeB40wpTowKvEJ-gXA3AL2e-BE+C_FC7Js7-D0DZQ@mail.gmail.com> <7554989.GgB1jQp9Bc@linux-9daj> <1518.1593641342@localhost> <10843339.pZq1X2qCAG@linux-9daj>
From: Tony Rutkowski <rutkowski.tony@gmail.com>
Message-ID: <b67b6603-8d54-6ca6-5523-ca94286da065@gmail.com>
Date: Wed, 01 Jul 2020 18:56:22 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <10843339.pZq1X2qCAG@linux-9daj>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/PA9RjOESOMBBcNCXGVAxBNVKcqM>
Subject: Re: [Add] [Ext] Draft Posting: CNAME Discovery of Local DoH Resolvers
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jul 2020 22:56:25 -0000

Hi Paul,

Any view on a matter raised at the recent IAB session - to what extent 
are the behaviors here anticompetitive?

--amr

On 7/1/2020 6:29 PM, Paul Vixie wrote:
> On Wednesday, 1 July 2020 22:09:02 UTC Michael Richardson wrote:
>> Paul Vixie <paul@redbarn.org> wrote:
>>      > do you see that problem as specific to IoT, or disjoint from RDNS
>>      > settings? (i do not.)
>>
>> In the IoT case, we need a good, autonomic mechanism to deploy network
>> configuration to devices in ways that they really understand.
>> (Such as your proxy-HTTP setting, which I entirely approve of).
>>
>> Getting the wrong RDNS settings on an IoT device means that it probably does
>> not function well (or maybe at all), and it becomes very difficult to do
>> RFC8520.  (see my draft-richardson-opsawg-mud-iot-dns-considerations-02 )
> speaking as someone who had to create a local responder for 8.8.8.8 in order
> to get my chromecast to believe it had internet connectivity, i think we
> should consider that in the IoT world, there will never be profit from the
> delivery and sale of these devices, only from the services they can offer, and
> the phone-home telemetry they can monetize. google's chromecast already
> ignores the RDNS settings it gets from my DHCP service. therefore, "wrong" is
> in the eye of the beholder, and the interests of IoT buyers are unaligned with
> the interests of IoT sellers. we should consider this negotiation a "hostile"
> one.
>
>> Getting the wrong RDNS settings on a *desktop* browser is a qualitatively
>> different thing in my opinion.  It probably operates, but for some
>> uses/users it may be a problem, either because of the click-trail it
>> leaves, or because of the censorship that the user experiences.
>>
>> I think that this is particularly acute for *desktop* browsers, as they do
>> not in general have the luxury of just picking a different coffee shop.
>> The people who use them are generally vulnerable in a variety of different
>> ways.
> at the moment, i challenge your specificity here. laptops and smartphones and
> datapads all behave the way you're describing for desktops here.
>
> in the future, i will challenge any specificity on this topic, since all nodes
> whether embedded or operated will have the same capabilities and constraints.
>
>> It is *important* for the browser to be able to clearly indicate what level
>> of privacy is being experienced.
> i expect that you can get universal agreement on that point. in any case, +1.
>

v2.23.0 | Report a Bug | By Email