IETF Logo Mail Archive

Re: [Add] What to do in this potential working group

Tommy Jensen <Jensen.Thomas@microsoft.com> Wed, 21 August 2019 13:41 UTC

Return-Path: <Jensen.Thomas@microsoft.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79B07120963 for <add@ietfa.amsl.com>; Wed, 21 Aug 2019 06:41:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H1sz6U9G2Thy for <add@ietfa.amsl.com>; Wed, 21 Aug 2019 06:41:42 -0700 (PDT)
Received: from NAM06-DM3-obe.outbound.protection.outlook.com (mail-dm3nam06on071a.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe56::71a]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AEC912002F for <add@ietf.org>; Wed, 21 Aug 2019 06:41:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=c16R3r1r/7G+1iQkLILZ8Im4x8KjengkM4P+Ka8LtYDTxzNEXU6uaSd9y0G9PnVmQ1l+0CgbZ+15KewJyTTTtP5fvilFrkOPtAM3kevJY10YhIf8v7ijHRaC7P52HukZkfkIcr5uA5iB1EGcyYyMk8YJ/pUdIoCqt3UROnzs8Znd/E+ZLKCEBPqqZ85PVtVoJ67FGkha86WyNj8TQ67WvQsoMbHssl6rNhUly2rqsrz81Xm3M5Mdi5lNBJScXNO+rkSOkAxMiEeNjcYbGU2AnSD5EGW5scFtT7NB9cupf1FgCq/InrkF3ROW+/DuS/GN4r0Hy7FM4ozK7Gc4CuP1aA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ptZe1KVLjX6e/kLnkyVKC/4/Bh3qbAsutAKiCdIQYWQ=; b=hu9CeTWGDAiMPkPnv3HSZ7I+fZxDjMl+Iv/5Hpolw1U7oxorYY8+U2h1kcBlcu/u05uqIoPDA15TD/pRhl43SlcgFC+qyPUvAKLBPGpeUmPSJ/SNxsZhkgeCB8StR7gdSKTEuGPORdoU8jrp3+N8mEWe/ErZTeABD4Fzqy1G6GyJWJ1j50M4PpUPPRfLCyWLUzOMnOdH1KHm5tDSimj1rpzTZHINxMklTZdvvHYz8Hdt5jKPCTQuZd99MfRUBlSJveE/em24SxY2JoiK/kDefnDLluHfY+gi+2sduI9tLWE9FXKhPsx1RHwAWlD2gcI5Iks7FTaWRGsQSoO5bSFfTA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ptZe1KVLjX6e/kLnkyVKC/4/Bh3qbAsutAKiCdIQYWQ=; b=JzikCQEY0WEE7pRXP+o0Nn6fGKegETORDf/zXFuVzmSyvQvgFUCGokjmMXj6JDDC6DND4y25risby206BjXQ4pJtZTOR28ipOa/J1C4TVP8dx5coYU5r1BPT4YyDitOkCCz/CxGgzicoJzNKsiV+3ndkRdKNmetKzdUkDbvkMoY=
Received: from CO2PR00MB0069.namprd00.prod.outlook.com (10.166.215.135) by CO2PR00MB0216.namprd00.prod.outlook.com (10.166.214.140) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2232.0; Wed, 21 Aug 2019 13:41:33 +0000
Received: from CO2PR00MB0069.namprd00.prod.outlook.com ([fe80::fde6:4e4f:4f2f:2cae]) by CO2PR00MB0069.namprd00.prod.outlook.com ([fe80::fde6:4e4f:4f2f:2cae%9]) with mapi id 15.20.2238.000; Wed, 21 Aug 2019 13:41:33 +0000
From: Tommy Jensen <Jensen.Thomas@microsoft.com>
To: "Eric Vyncke (evyncke)" <evyncke@cisco.com>, Jari Arkko <jari.arkko@piuha.net>
CC: ADD Mailing list <add@ietf.org>
Thread-Topic: [Add] What to do in this potential working group
Thread-Index: AQHVV5IgfN2/dHLA30mC7zQtvTMK5KcFRa+AgAAo9ICAAB6tgIAADsvX
Date: Wed, 21 Aug 2019 13:41:32 +0000
Message-ID: <CO2PR00MB0069BAEABBD9BD202B146461FAAA0@CO2PR00MB0069.namprd00.prod.outlook.com>
References: <A1128702-1E19-4657-9740-E84AE09992F2@piuha.net> <CABcZeBMfOTjq-8hDDoKMtJvfHUA5nC8o60zuk-2Xe-ZhfwriJQ@mail.gmail.com> <766112E1-F532-4C6B-8CA8-A096671E02EE@piuha.net>, <079D125A-B2F0-41B3-A6F6-CAAFA7F51E6D@cisco.com>
In-Reply-To: <079D125A-B2F0-41B3-A6F6-CAAFA7F51E6D@cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Jensen.Thomas@microsoft.com;
x-originating-ip: [2601:600:a080:7f23:f82a:7616:fed5:c4c2]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 3b65c407-d5bb-44f0-0a6b-08d7263d4794
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600158)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:CO2PR00MB0216;
x-ms-traffictypediagnostic: CO2PR00MB0216:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <CO2PR00MB0216FA4F782D1520B32AAF82FAAA0@CO2PR00MB0216.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0136C1DDA4
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(4636009)(346002)(136003)(396003)(39860400002)(376002)(366004)(189003)(199004)(7736002)(6506007)(229853002)(8676002)(66574012)(6116002)(478600001)(236005)(8936002)(6436002)(5660300002)(606006)(52536014)(71190400001)(8990500004)(81166006)(81156014)(966005)(14454004)(10090500001)(14444005)(256004)(2906002)(102836004)(7696005)(76116006)(11346002)(66946007)(6246003)(33656002)(66476007)(486006)(25786009)(476003)(99286004)(110136005)(53546011)(66446008)(64756008)(71200400001)(9686003)(53936002)(10290500003)(55016002)(22452003)(54896002)(46003)(74316002)(86362001)(76176011)(66556008)(4326008)(316002)(186003)(446003)(6306002); DIR:OUT; SFP:1102; SCL:1; SRVR:CO2PR00MB0216; H:CO2PR00MB0069.namprd00.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: telfhPDehLMlNJCDbxZ3j6VkQbHjRDkOwP5qgAO2bpmIHO6SiGQGPyCnN8IjkZyQgUvVp7HLSitdVPrK7fxnRGa6te0NUl7fBKRL+b2HGprGon7wmpWaU6AXgpigO6eYxXcDIbFAdnZaP2HpjtB+8c4fOmPD5Z45hyuA0eC8KjbTABGSkgZGF93F5Lq6kw4p+9LrhoWEno03OL5k/KkboLObkkXY/ZzfPubaBCUNyB3UyxO8fKmqa5z01CICKuV9YE32n3H1vp89bmhoal8d8RjOZ/I017JEQqz3U4L8gwOZbZyT0MGEGnA1vMYiFdNtukEtPZ9BOT7CgPbiPpUUn8acVwnwjswTTOv8gi1AaLkeC3h9PDZpkoSI9BnMWSn6M07gk0WxQpCOsmUV0w2Yz8ThLEtay0moJG5zux6uYEY=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_CO2PR00MB0069BAEABBD9BD202B146461FAAA0CO2PR00MB0069namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3b65c407-d5bb-44f0-0a6b-08d7263d4794
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Aug 2019 13:41:32.8520 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: KHFd4oqOMfUvIIL6vTTiNMw/yUu745QxaVtPCsyDZj/v4d4IkN7Hf/bwpRtM98ifkUof4A/TJGAG9mzNpyYCtQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO2PR00MB0216
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/suV-kby3gabMGVtcnsHN8l7eOjE>
Subject: Re: [Add] What to do in this potential working group
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Aug 2019 13:41:46 -0000

I’d like to point out one other point in the context of centralized data being a drawback: data breaches. Every company is susceptible to them, and centralized data requires fewer breaches to occur in a given time window to gain access to the entire data set. This, unlike the data mining potential, doesn’t require nefarious intent by the data holder.

Thanks,
Tommy
________________________________
From: Add <add-bounces@ietf.org> on behalf of Eric Vyncke (evyncke) <evyncke@cisco.com>
Sent: Wednesday, August 21, 2019 5:44 AM
To: Jari Arkko <jari.arkko@piuha.net>
Cc: ADD Mailing list <add@ietf.org>
Subject: Re: [Add] What to do in this potential working group

Let me chime for once in this heated discussion as an individual Internet user: Jari, you are 100% right (except perhaps the order of your list, I would have put the critical part on the top as companies can go bankrupt)

-éric

On 21/08/2019, 12:55, "Add on behalf of Jari Arkko" <add-bounces@ietf.org on behalf of jari.arkko@piuha.net> wrote:

    Ekr,

    I fully realise that there will be differences of viewpoints when it comes to the trustworthiness of individual DNS service providers.

    But I was trying to make a different point. While we may disagree which provider I’d like to use for the DNS service, I think it would be quite reasonable for us to agree that if all of us put our all our queries in one place (whatever that is) that this causes severe problems:

    - That place becomes immensely valuable from a commercial data mining perspective. There’s a risk that it will at least at some point be used for data mining, despite whatever the intentions of the people who set this system up now is.

    - That place becomes immensely interesting to for governments to tap. There’s a risk that this tapping is either already happening or will be happening going forward, despite best intentions of the people who set it up or who manage it.

    - That places becomes critical infrastructure and a weak point that we do not need in the Internet.

    As a result, I would like to suggest that the IETF actually concludes the above and recommends against this practice.

    For whatever it is worth, I can understand some motivations for doing something like this e.g. in browsers. Some good reasons and potentially also some not so good reasons. But even with that background, it is difficult for me to imagine a worse act for the Internet than making browsers call home for every action of the user. The privacy impacts for the users are unimaginably bad.

    A few years ago we realised that surveillance organisations were looking at people's traffic, and we managed to change the Internet to protect this traffic with cryptographic means. I think it is to think about the next step, and ensure that we don’t create an Internet architecture that puts everyone’s data at central location.

    Obviously, encrypted DNS is still hugely important, as are global DNS services. However, the deployment model of using one (or a small number of) providers is just wrong. That would be fixable.

    Jari

    --
    Add mailing list
    Add@ietf.org
    https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fadd&amp;data=02%7C01%7CJensen.Thomas%40microsoft.com%7C247f87f759f74ee1a6f708d726356c91%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637019883216567214&amp;sdata=chzaUKs41KYywrMc5A352%2ByvtNWAspAKy3tkVz5iT%2Bw%3D&amp;reserved=0


--
Add mailing list
Add@ietf.org
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fadd&amp;data=02%7C01%7CJensen.Thomas%40microsoft.com%7C247f87f759f74ee1a6f708d726356c91%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637019883216567214&amp;sdata=chzaUKs41KYywrMc5A352%2ByvtNWAspAKy3tkVz5iT%2Bw%3D&amp;reserved=0

v2.23.0 | Report a Bug | By Email