Re: [Add] [EXTERNAL] Re: Browser Administrative Authority

tirumal reddy <kondtir@gmail.com> Tue, 28 May 2019 10:15 UTC

To: Paul Wouters <paul@nohats.ca>
Cc: Christian Huitema <huitema@huitema.net>, ADD Mailing list <add@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/UDz-WpaCnrC1Gt8JPrk5YeC_GaY>

On Tue, 28 May 2019 at 08:20, Paul Wouters <paul@nohats.ca> wrote:

> On Sun, 26 May 2019, Christian Huitema wrote:
>
> >> As a user I cannot determine that if I once google for "canadian contact
> >> lenses", who and why and where that info went. All I know is that 60%
> >> of ads are suddenly about contact lenses across my house, devices and
> >> applications. And the only way out is to encrypt everything end to end,
> >> with no middle man or ISP seeing anything.
>
> > I don't like surveillance any more than you do, but look at the example
> > that you just gave. You are asking Google for information about a
> > specific product, presumably over an encrypted connection to their
> > search engine. Your ISP only sees an encrypted connection to
> > "google.com". You may then click on some of the search results, at which
> > point both Google, your ISP and all the trackers on the target web page
> > know that you contacted https://www.contactlensescanada.com/. Then you
> > complain that the surveillance apparatus is bombarding you with ads for
> > contact lenses, and you blame the ISP for that. Seriously?
>
> I should have restricted my last sentence a bit. I cannot determine who is
> sharing my desire for contact lenses. It could be the ad platform, google,
> facebook trackers, or anyone monitoring my DNS queries, such as my ISP.
>
> Arguably, I would have a better idea who is sharing that information if
> my last mile was not getting a free look at all my DNS queries, as in
> that case only a few https endpoints could know this information.
>
> Anyway, my point was that the ISP (carrier of hotspot) only uses their
> view of my DNS to my detriment. Sending them encrypted to the ISP gains
> me nothing. (exception for RBL enhanced DNS servers, but as long as they
> are breaking DNSSEC, they cannot be distinguished from a malicious
> attack)
>

Network security functions (NSF) are also deployed by ISPs to protect home
networks and mobile subscribers; for instance, an NSF can perform DNS filtering
to block malicious domains. You may want to look into the work happening in
I2NSF https://datatracker.ietf.org/wg/i2nsf/about/ and SFC
https://datatracker.ietf.org/wg/sfc/about/.

Cheers,
-Tiru


>
> Paul
>