Re: [Add] Fwd: New Version Notification for draft-mglt-abcd-doh-privacy-analysis-00.txt

[Tommy Jensen <Jensen.Thomas@microsoft.com>]

Hey Daniel,

Adding onto Stephen's comments (+1 to not sure what the goal of this document is), I'll point out a reoccurrence of the common but false assumption that DoH always means browsers and always means centralization:

draft>> DoH changes this paradigm in the way that an application can circumvent the policy set by the end user, without the end user being aware of it.  Firstly, the encryption is performed by the application and as such does not provide any visibility to the operating system.

DoH doesn't change this paradigm at all, as it isn't a protocol just for apps (see the Adaptive DNS proposal for an example of a platform providing DoH). This problem (apps doing their own DNS and circumventing system configured policy) existed before and continues to exist with classic DNS; it just so happened that the traffic was plain text so any network sniffing software could observe and possibly modify or block it. I consider that an unfortunate side effect of plain text protocols, not a feature we should be working to preserve. It's not like apps doing their own DNS queries today are visible to most users today, who don't know what packet inspection is.

I think if we drive widespread adoption of encrypted DNS protocols by platforms and ISPs, we'll have better luck convincing well-behaved applications to defer to platform configurations than any other approach. After all, why build per-app experiences if the platform experience is already "good" in the eyes of the privacy conscious? This will address the concern of centralization of the DNS as well (which is not an inherent DoH problem, but an inherent "default provider for all customers of X app/platform" problem).

As far as ill-behaved applications go, they were going to do whatever they wanted anyway, and pushing DoH adoption doesn't give them powers they didn't already have. At some point, the problem becomes one of the user needing to decide what apps they trust which we cannot help with via protocol design.

Thanks,
Tommy
________________________________
From: Add <add-bounces@ietf.org> on behalf of Stephen Farrell <stephen.farrell@cs.tcd.ie>
Sent: Wednesday, November 6, 2019 6:20 AM
To: Daniel Migault <daniel.migault=40ericsson.com@dmarc.ietf.org>; add@ietf.org <add@ietf.org>
Subject: Re: [Add] Fwd: New Version Notification for draft-mglt-abcd-doh-privacy-analysis-00.txt


Hi Daniel,

On 05/11/2019 20:40, Daniel Migault wrote:
> Please find an analysis on DoH and privacy. The intent is to provide an
> analysis. Any feed backs are welcome!

My feedback:

- I don't see how this adds to the discussion. ISTM this
is yet another one-sided description of the issues. What do
you think is the added benefit of having this text in an
Internet-draft? Honestly, I don't get it.

- In particular, I don't think your "conclusion" that "the
overall picture of concentration shows that it represents
a threat to the end user's privacy" can be justified based
on the content. I'm assuming "represents a threat" is not
just weasel-wording for "might be" which is trivially
true. If you mean anything stronger than "might be" then
that's not justified IMO and if you mean "might be" or
anything weaker, then it looks like stretching to find
a pejorative way to describe things.

Cheers,
S.

PS: In saying the above, I do think there are dangers in
how DoH deployments might increase centralisation. But I
also think that one-sided descriptions of those dangers
make the conversations more, and not less, difficult.

>
> Yours,
> Daniel
> ---------- Forwarded message ---------
> From: <internet-drafts@ietf.org>
> Date: Mon, Nov 4, 2019 at 11:20 AM
> Subject: New Version Notification for
> draft-mglt-abcd-doh-privacy-analysis-00.txt
> To: Daniel Migault <mglt.ietf@gmail.com>
>
>
>
> A new version of I-D, draft-mglt-abcd-doh-privacy-analysis-00.txt
> has been successfully submitted by Daniel Migault and posted to the
> IETF repository.
>
> Name:           draft-mglt-abcd-doh-privacy-analysis
> Revision:       00
> Title:          A privacy analysis on DoH deployment
> Document date:  2019-11-04
> Group:          Individual Submission
> Pages:          11
> URL:
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Finternet-drafts%2Fdraft-mglt-abcd-doh-privacy-analysis-00.txt&amp;data=02%7C01%7CJensen.Thomas%40microsoft.com%7Ce85f2b5a2eec4a50d4de08d762c47bcc%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637086471402836031&amp;sdata=w7GwUhz%2BIVSB5VW%2BtyEKvAUjTTh%2BNhq12tpVbM5Zw0o%3D&amp;reserved=0
> Status:
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-mglt-abcd-doh-privacy-analysis%2F&amp;data=02%7C01%7CJensen.Thomas%40microsoft.com%7Ce85f2b5a2eec4a50d4de08d762c47bcc%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637086471402836031&amp;sdata=XmWL4PabqWROpOd1YmGsKfQ9ucjP16tanC5PnTuewAw%3D&amp;reserved=0
> Htmlized:
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-mglt-abcd-doh-privacy-analysis-00&amp;data=02%7C01%7CJensen.Thomas%40microsoft.com%7Ce85f2b5a2eec4a50d4de08d762c47bcc%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637086471402836031&amp;sdata=tpXDCA5qibyJU0%2FBcvkCHxRoKhWTZYi9s4fln0MQLx8%3D&amp;reserved=0
> Htmlized:
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Fdraft-mglt-abcd-doh-privacy-analysis&amp;data=02%7C01%7CJensen.Thomas%40microsoft.com%7Ce85f2b5a2eec4a50d4de08d762c47bcc%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637086471402836031&amp;sdata=l4GflUzS14Z68kdSWxLzCjIYKoHWtY%2BwxFxCO5FY%2FEY%3D&amp;reserved=0
>
>
> Abstract:
>    This document provides an analysis on DoH impact on privacy
>
>
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> The IETF Secretariat
>
>