Re: [Add] What to do in this potential working group

Jari Arkko <jari.arkko@piuha.net> Thu, 22 August 2019 07:57 UTC

From: Jari Arkko <jari.arkko@piuha.net>
Date: Thu, 22 Aug 2019 10:57:17 +0300
Cc: Adam Roach <adam@nostrum.com>, add@ietf.org
To: Daniel Stenberg <daniel@haxx.se>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/uMKjPglLf_aOGG3CtZN9ud7LNeA>
Subject: Re: [Add] What to do in this potential working group
List-Id: Applications Doing DNS <add.ietf.org>

Daniel,

I agree of course that there are different situations, and that in some cases DHCP default is the wrong option as well. I know in my mom’s case it would have been the right answer, however. But the architectural point I wanted to raise was that regardless of the differences in any specific selection of a server, there seems to be a clear downside to having everyone select the same server. The data source that this creates is far too valuable to be put in one place.

I do have another point as well. We’re not limited to two options — there’s more choice than “trust your network/evil-local-dns-filter” and “trust the quad-n/large-content-provider/nsa”. If people really are serious about improving security and privacy, how about, for instance, creating a collaborative group of content providers, ISPs, and other organisations that wish to provide clean, unfiltered, and not commercially mined DNS service, and have clients use that in some distributed fashion?

I’m obviously handwaving the solution a bit, but my point is — if we want to make an improvement, then it should be incumbent on us to do a full solution. Shipping my mom’s queries to a single entity w/ possible risk of surveillance and other leaks is a recipe for insufficient design, IMHO. If we want an improvement, sell me a solution that I actually want, one that does improve my privacy and resilience against filtering.

Jari