Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-detection-00

Rob Sayre <sayrer@gmail.com> Tue, 16 July 2019 16:10 UTC

From: Rob Sayre <sayrer@gmail.com>
Date: Tue, 16 Jul 2019 09:10:24 -0700
Message-ID: <CAChr6SwEwRRX7BA6ZCeBuC93hFxbfi3d7G_3G3VA7Lm09yuneg@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Alec Muffett <alec.muffett@gmail.com>, add@ietf.org, "Dixon, Hugh" <Hugh.Dixon@sky.uk>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/ue1Lzk0A38IAMjgudIjjW-9DsWw>
Subject: Re: [Add] [EXTERNAL] Re: draft-grover-add-policy-detection-00
List-Id: Applications Doing DNS <add.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>

On Tue, Jul 16, 2019 at 8:38 AM Eric Rescorla <ekr@rtfm.com> wrote:

>
> They are often done, but not always. For instance:
>
> https://www.xfinity.com/support/articles/set-up-parental-controls-with-comcast-networking
> https://www.quad9.net/faq/#How_does_Quad9_protect_me_from_malicious_domains
>

I agree that some companies sell these products, but it doesn't seem like
they would work very well.

In any case, BCP 188 covers the issue we're describing quite well.

"The same techniques to achieve [Pervasive Monitoring] can be used
regardless of motivation.  Thus, we cannot defend against the most
nefarious actors while allowing monitoring by other actors no matter how
benevolent some might consider them to be, since the actions required of
the attacker are indistinguishable from other attacks."

Pervasive Monitoring Is an Attack
https://tools.ietf.org/html/rfc7258

thanks,
Rob