IETF Logo Mail Archive

Re: [Add] Fwd: New Version Notification for draft-mglt-abcd-doh-privacy-analysis-00.txt

Daniel Migault <daniel.migault@ericsson.com> Wed, 06 November 2019 21:25 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93A8A120120 for <add@ietfa.amsl.com>; Wed, 6 Nov 2019 13:25:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.567
X-Spam-Level:
X-Spam-Status: No, score=-1.567 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.082, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ddfi5tI707OC for <add@ietfa.amsl.com>; Wed, 6 Nov 2019 13:25:49 -0800 (PST)
Received: from mail-vs1-f47.google.com (mail-vs1-f47.google.com [209.85.217.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B86F120047 for <add@ietf.org>; Wed, 6 Nov 2019 13:25:49 -0800 (PST)
Received: by mail-vs1-f47.google.com with SMTP id j85so16988611vsd.11 for <add@ietf.org>; Wed, 06 Nov 2019 13:25:49 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Wds4NtZx6kdvk1eAjPFmVTig5/It+TLucBGgZjHz2TA=; b=j30vsXg5UxQlZd2LVaFDJxUudjGt+TbqDS5R6s59ehqcHVlZq/Y82Y3IfguqtSvQPq boVsm/rUhi+9Gqv4RdN7WtKO95dKA08PH/tD6kE7Vt75+PBPAOd7Q6Fu7Xvhv0r04ssy 4ezvKoAJUCvYQStkpiBGrSAAeWY0iMSD5xHpYlIIXosPjVf8KhUlkD35eMkoIgFUCD8f p3GJ42JUuTvI1tw/yGStEldFYKBf6TZ2yjARpFKVG2tDg22dLXtFntSg8Y3AdRYpyAs0 MCe6sAFsdbbIcQl7ErA3ZD+HSUlmuXiQA/rso8YnGWsbRifgOjQKMZZ5UQ/d/K/uu+5l GzaA==
X-Gm-Message-State: APjAAAVfGoKt5otLuN9iOZJWw3kTUCDknDRNwhoTJFd1D0Qf3xXjMtqu CWbqzr+qDVKIAx1hlCWjwQx9971IzdSUQWJlkNiGgoIzr9U=
X-Google-Smtp-Source: APXvYqxgTH65dsisvuNNAc5gSwz5yE1x6yiR/owEREK6JRgFwnhUdOK8NEkOSWcXQxhaeA3KEdoIqg6HRyA77ebPbkA=
X-Received: by 2002:a67:685:: with SMTP id 127mr23789vsg.169.1573075548377; Wed, 06 Nov 2019 13:25:48 -0800 (PST)
MIME-Version: 1.0
References: <157288444149.16545.17250458995529707952.idtracker@ietfa.amsl.com> <CADZyTk=5g7toa5QwaQ9tCO1d2iJ1-pF9W6RzOEi9MjrsnyLsFw@mail.gmail.com> <2f52a096-ae14-a9f8-1dbf-8931e3204ec7@cs.tcd.ie>
In-Reply-To: <2f52a096-ae14-a9f8-1dbf-8931e3204ec7@cs.tcd.ie>
From: Daniel Migault <daniel.migault@ericsson.com>
Date: Wed, 06 Nov 2019 16:25:37 -0500
Message-ID: <CADZyTkmYauCcq-V3Dk07yGkKLYwma2UM1Qja6b+1oXD4pOhOEQ@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Daniel Migault <daniel.migault=40ericsson.com@dmarc.ietf.org>, add@ietf.org
Content-Type: multipart/alternative; boundary="0000000000004415450596b4315d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/SAGlHzOCTNSMHBoIVEKu8x3EpNU>
Subject: Re: [Add] Fwd: New Version Notification for draft-mglt-abcd-doh-privacy-analysis-00.txt
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Nov 2019 21:25:52 -0000

Hi Stephen,

Thank you for the feed back and taking the time to read the draft.

To answer to your question, the purpose of this draft is to provide an
analysis of the privacy impact of the deployment of DoH. In that sense it
addresses two of your concerns -- "this is yet another one-sided
description of the issues."--, that is:
* 1) clarification of (potential) issues - and the context in which there
may be issues.
* 2) misleading communications

It seems, at least to me, two valid reasons for having the analysis as an
internet draft.

Regarding your comment, as the author whose english is not his native
language, I can guarantee there is no intention of carrying a pejorative
meaning nor that the document being one sided. For instance, the term
"threat" was used as in a similar way as in RFC6973 [1].

"""
   Although recipients, intermediaries, and enablers may not generally
   be considered as attackers, they may all pose privacy threats
   (depending on the context) because they are able to observe, collect,
   process, and transfer privacy-relevant data.
"""
The cambridge dictionnary [2] provides for threat "A threat of rain is in
today’s forecast." and I do not see any intention of being pejorative as
well.

Comments regarding the content of the draft are more than welcome as usual!

Yours,
Daniel


[1] https://tools.ietf.org/html/rfc6973#section-5.1.1
[2] https://dictionary.cambridge.org/dictionary/english/threat?q=threat+


On Wed, Nov 6, 2019 at 9:20 AM Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
> Hi Daniel,
>
> On 05/11/2019 20:40, Daniel Migault wrote:
> > Please find an analysis on DoH and privacy. The intent is to provide an
> > analysis. Any feed backs are welcome!
>
> My feedback:
>
> - I don't see how this adds to the discussion. ISTM this
> is yet another one-sided description of the issues. What do
> you think is the added benefit of having this text in an
> Internet-draft? Honestly, I don't get it.
>
> - In particular, I don't think your "conclusion" that "the
> overall picture of concentration shows that it represents
> a threat to the end user's privacy" can be justified based
> on the content. I'm assuming "represents a threat" is not
> just weasel-wording for "might be" which is trivially
> true. If you mean anything stronger than "might be" then
> that's not justified IMO and if you mean "might be" or
> anything weaker, then it looks like stretching to find
> a pejorative way to describe things.
>
> Cheers,
> S.
>
> PS: In saying the above, I do think there are dangers in
> how DoH deployments might increase centralisation. But I
> also think that one-sided descriptions of those dangers
> make the conversations more, and not less, difficult.
>
> >
> > Yours,
> > Daniel
> > ---------- Forwarded message ---------
> > From: <internet-drafts@ietf.org>
> > Date: Mon, Nov 4, 2019 at 11:20 AM
> > Subject: New Version Notification for
> > draft-mglt-abcd-doh-privacy-analysis-00.txt
> > To: Daniel Migault <mglt.ietf@gmail.com>
> >
> >
> >
> > A new version of I-D, draft-mglt-abcd-doh-privacy-analysis-00.txt
> > has been successfully submitted by Daniel Migault and posted to the
> > IETF repository.
> >
> > Name:           draft-mglt-abcd-doh-privacy-analysis
> > Revision:       00
> > Title:          A privacy analysis on DoH deployment
> > Document date:  2019-11-04
> > Group:          Individual Submission
> > Pages:          11
> > URL:
> >
> https://www.ietf.org/internet-drafts/draft-mglt-abcd-doh-privacy-analysis-00.txt
> > Status:
> > https://datatracker.ietf.org/doc/draft-mglt-abcd-doh-privacy-analysis/
> > Htmlized:
> > https://tools.ietf.org/html/draft-mglt-abcd-doh-privacy-analysis-00
> > Htmlized:
> >
> https://datatracker.ietf.org/doc/html/draft-mglt-abcd-doh-privacy-analysis
> >
> >
> > Abstract:
> >    This document provides an analysis on DoH impact on privacy
> >
> >
> >
> >
> > Please note that it may take a couple of minutes from the time of
> submission
> > until the htmlized version and diff are available at tools.ietf.org.
> >
> > The IETF Secretariat
> >
> >
> --
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add
>

v2.23.0 | Report a Bug | By Email