Re: [Add] Fwd: New Version Notification for draft-reddy-dprive-dprive-privacy-policy-00.txt
Paul Wouters <paul@nohats.ca> Wed, 09 October 2019 14:05 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98F05120154 for <add@ietfa.amsl.com>; Wed, 9 Oct 2019 07:05:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8IWTqaNfXIWU for <add@ietfa.amsl.com>; Wed, 9 Oct 2019 07:05:12 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 340A8120142 for <add@ietf.org>; Wed, 9 Oct 2019 07:05:12 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 46pGFK367jz3WV; Wed, 9 Oct 2019 16:05:09 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1570629909; bh=Pwdyib2yrfenJy+Fp0nXFPvJXn8IOp0GWbXj9jcXPIg=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=kboVBsVXwP7BAewrjQGffplxDn1Ve7PLg8I0e1Mc1t8DZevQTeTxlPvbcXRuBe+mY XyOWqXZft3RVSpqSYhR3qYQzSQwyHQ58XyFMEIydsseywP60N47brK1yWLsG/UM+kp mndeocoJS1lWc6PQ5huG3hB/YqRSWp+6NjrC9iJk=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id DmzUrHNvYT7B; Wed, 9 Oct 2019 16:05:07 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Wed, 9 Oct 2019 16:05:07 +0200 (CEST)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id C804E607F1DF; Wed, 9 Oct 2019 10:05:06 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id C68BD23FE47; Wed, 9 Oct 2019 10:05:06 -0400 (EDT)
Date: Wed, 09 Oct 2019 10:05:06 -0400
From: Paul Wouters <paul@nohats.ca>
To: tirumal reddy <kondtir@gmail.com>
cc: ADD Mailing list <add@ietf.org>
In-Reply-To: <CAFpG3ge=zF0W1PzZjc=ysxVzir4tMVa=8ZHs5qyxg4NbE73SPw@mail.gmail.com>
Message-ID: <alpine.LRH.2.21.1910090954170.30131@bofh.nohats.ca>
References: <157009854908.16293.4269133049514081713.idtracker@ietfa.amsl.com> <CAFpG3gdpYASvfz_ey=fsh6+8LQ11EJGyU-dVxH7_1QmVeiAQKg@mail.gmail.com> <alpine.LRH.2.21.1910051351420.26913@bofh.nohats.ca> <CAFpG3gfLLkdZt-b+r=8RY8a+yoJx2tzQOevnOLkNQSm9g9QuDw@mail.gmail.com> <alpine.LRH.2.21.1910070925260.8046@bofh.nohats.ca> <CAFpG3ge=zF0W1PzZjc=ysxVzir4tMVa=8ZHs5qyxg4NbE73SPw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/l2Xf-9LMC7R-kKlZXsul79c3Tmo>
Subject: Re: [Add] Fwd: New Version Notification for draft-reddy-dprive-dprive-privacy-policy-00.txt
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Oct 2019 14:05:15 -0000
On Tue, 8 Oct 2019, tirumal reddy wrote: > How and how would any enforcement system work for a variety of DNS > providers all over the world? ISPs? hotels? coffeeshops? Mobile > providers? Will there be an industry standard org? How will this > not devolve into government sanctioned mandatory DNS providers on > my mobile device? > > Users may or may not trust the attached network and the DNS server provided by the network (e.g, a public > network). It is similar to the way users disable VPN in specific trusted networks (e.g., Enterprise network) > and VPN is enabled by default in all other networks. The user can already do that, without any help from the local network. If someone configures a VPN or a DoT/DoH, they do not need the local network for anything except passing a captive portal. I don't understand what you are adding here. Trust relationships of networks are: 1) I don't need to trust them, so I don't 2) I am forced to trust them, so I do. In the case of an enterprise network like 2) they can already pre-install the CA certs I need to trust on connecting to the network (see the IETF network do something similar there) > No. If the privacy requirements of the endpoint are not met, the DNS client can discard using the discovered > DNS server in the attached network, and connect to a public DNS resolver meeting the endpoint privacy > preserving data policy requirements. Again, it is the other way around. Users should not need or want to trust the local network. My laptop mostly connects to completely unknown networks with zero trust _or_ a trusted enterprise network. What are these networks that a user should "trust to filter or log their DNS for them" ? > The proposed mechanism also helps the DNS client to automatically learn updates to the privacy claims by a DNS > server and avoids the need for users to periodically manually review the privacy statement. Again, this is fixing a problem that I do not think exists. Why should I trust or not trust this network with DNS to begin with? Their privacy policy update will not change that for me. Either, they were already too weak for me to trust, so I don't care about their DNS privacy policy update, or I trusted them already, in which case it seems I trust them more than my own trusted DNS - AKA I'm forced to trust them (an enterprise network). > The privacy policy information helps make the decision whether the DNS provider can be trusted or not. No it does not. It can only tell me when I for sure cannot trust them. Since I did not audit their logging, I can never be sure to trust them. It's like saying a privacy policy will select whether I use HTTP:// or HTTPS://. That is not the question. The question is why would I ever use HTTP:// ? > I'm still not convinced this statement is wrong. And additionally can > see some serious harmful effects into mandatory censorship if this kind > of system becomes mandatory on people's devices. > > I disagree, the proposal helps the user to choose a DNS server that best supports the desired privacy > policies. I either have a really good DNS provider that I fully trust up my sleeve, or I don't. If I do, I don't need the local network one. If I don't, I have no choice but the use the local network one. > DNS clients do not need to fallback to clear text DNS, and can use the DoT/DoH server provided by > the local network. Then why should I ever take a risk that this local network has a privacy policy that does not actually match its implementation? > Further, it also provides a mechanism to securely signal to the DNS client that the > attached network performs DNS filtering. You cannot signal securely unless I have a trust anchor already on my device that would be used. If this is a CA-type store of hundreds of trust anchors, I cannot really trust them for this decision over a personally selected known safe choice. If it is enterprise specific, we already have mechanisms in place for securely obtaining updated DNS mechanisms. Like via VPN using RFC 8598. Paul
- [Add] Fwd: New Version Notification for draft-red… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Michael Richardson
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… Michael Richardson
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… Michael Richardson
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy