Re: [Add] Fwd: New Version Notification for draft-reddy-dprive-dprive-privacy-policy-00.txt
tirumal reddy <kondtir@gmail.com> Tue, 08 October 2019 15:27 UTC
Return-Path: <kondtir@gmail.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5FA11200B1 for <add@ietfa.amsl.com>; Tue, 8 Oct 2019 08:27:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pYzQdVjchG2e for <add@ietfa.amsl.com>; Tue, 8 Oct 2019 08:26:58 -0700 (PDT)
Received: from mail-io1-xd32.google.com (mail-io1-xd32.google.com [IPv6:2607:f8b0:4864:20::d32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEC5C120096 for <add@ietf.org>; Tue, 8 Oct 2019 08:26:57 -0700 (PDT)
Received: by mail-io1-xd32.google.com with SMTP id v2so37316894iob.10 for <add@ietf.org>; Tue, 08 Oct 2019 08:26:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+RIo3VDxXjpPIkIeefCOQHurldSenYjymSjTAOwYFMU=; b=CeJkOCGeksB+FuSuA44HQNFNflm7qq2rkm+n8HE33w7flLI83oeGL7bgQ6RKhD4Jti 5KoNN44bXULivvbZAbAp2Z0oX9JUzWGkoaDz5jCOXfQvkgWZwsu8paT6df0aBjCdWCp7 c+89jQ/n+RLejKzCa+ky3EgwDJn8mxFPSx4hwyhCvQgtA/rPAy3fn+oNXBQONtb8evO+ mSDAZhUkjfUYS9+EOLULJ5qENUAzGF6qA5NFXlclmSaftU91nZ8xD+CJhxxYbcQ4Kcpf rmdWO/NB5dqo7B8Ma26qrkzUDfiNW6V0Ue4EtrGLJYZ0aM0YprzNlKevK8tvl5qJJGf1 dxVw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+RIo3VDxXjpPIkIeefCOQHurldSenYjymSjTAOwYFMU=; b=KzackobEQHUMzUcdDIjmuVEphts7MKCmAFHvMmgoeB8EokA1Ip8F8aKygcXsnoq914 wvd642EJ1uac+UVdN/jYArAis5cx2sQURIEabAWsNUyBMN4RjKJTFIc1t6EDIw2JO8uP LjzR0SCeoMfkK0AxfsAYM3cSbRWL+SvYct6ofZdb34ljnYlr91aaBW2yDQvtqbDgt4t7 SkbZL7NYHHva39lcVF8y3ku0ApvZr3vkgkz6zXxfHny1/30ItIb4x1csslohcicQf78H ZMZ6W5HZrg9yV5vU5rd1L0ADslOprzy/qkgVxrveISxhlvLGW3n36NJd3AbH1lhvhSw+ W/tw==
X-Gm-Message-State: APjAAAXeChG4Zgzu+3tE04tB8tmpL2uD50vrAmVz3HSwJRqWp2hQUaB6 NJG5YNkcA4p9Fie5bUEQMFRg2CoMp6AeNNrvUWu2Tcl7tjY=
X-Google-Smtp-Source: APXvYqzAQW7LTFPYyeN8INt7qM1Xc2nG6hmRkDTRJLJ9SPi3vHjG7BTUCWKom9wnzFnoIM8ElsAI5lh8R/MeiBDMDk0=
X-Received: by 2002:a05:6638:294:: with SMTP id c20mr32511147jaq.77.1570548417033; Tue, 08 Oct 2019 08:26:57 -0700 (PDT)
MIME-Version: 1.0
References: <157009854908.16293.4269133049514081713.idtracker@ietfa.amsl.com> <CAFpG3gdpYASvfz_ey=fsh6+8LQ11EJGyU-dVxH7_1QmVeiAQKg@mail.gmail.com> <alpine.LRH.2.21.1910051351420.26913@bofh.nohats.ca> <CAFpG3gfLLkdZt-b+r=8RY8a+yoJx2tzQOevnOLkNQSm9g9QuDw@mail.gmail.com> <alpine.LRH.2.21.1910070925260.8046@bofh.nohats.ca>
In-Reply-To: <alpine.LRH.2.21.1910070925260.8046@bofh.nohats.ca>
From: tirumal reddy <kondtir@gmail.com>
Date: Tue, 08 Oct 2019 16:26:45 +0100
Message-ID: <CAFpG3ge=zF0W1PzZjc=ysxVzir4tMVa=8ZHs5qyxg4NbE73SPw@mail.gmail.com>
To: Paul Wouters <paul@nohats.ca>
Cc: ADD Mailing list <add@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007ff90e059467cc2a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/wCXyJK7cI8h0tQ_LarIVvCuf-H4>
X-Mailman-Approved-At: Wed, 09 Oct 2019 00:36:59 -0700
Subject: Re: [Add] Fwd: New Version Notification for draft-reddy-dprive-dprive-privacy-policy-00.txt
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Oct 2019 15:27:01 -0000
On Mon, 7 Oct 2019 at 14:32, Paul Wouters <paul@nohats.ca> wrote: > On Mon, 7 Oct 2019, tirumal reddy wrote: > > > Section 10 Security Considerations describes well why I think this > is > > not a good idea. Publishing a privacy policy in a computer > consumable > > way has no relationship to the actual DNS server's privacy policy > > used. > > > > No, the privacy policy also conveys a URL that points to the human > readable privacy policy formation of the DNS > > server. Public DNS resolvers have published privacy policy statements > (for example, see > > > https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/). > If a firm violates the privacy > > claims, it will most likely face penalty (similar to FTC imposing fine > on facebook). > > How and how would any enforcement system work for a variety of DNS > providers all over the world? ISPs? hotels? coffeeshops? Mobile > providers? Will there be an industry standard org? How will this > not devolve into government sanctioned mandatory DNS providers on > my mobile device? > Users may or may not trust the attached network and the DNS server provided by the network (e.g, a public network). It is similar to the way users disable VPN in specific trusted networks (e.g., Enterprise network) and VPN is enabled by default in all other networks. > > This is not a technical wire problem to solve with an RFC. It is a > > social-economic issue. Can we trust vendor X? And vendor X making > > claims in JSON about this isn't useful from a technical point of > > view, no matter how or where and with what such statements are > > (self)signed. > > > > Not really, you probably missed the privacy consideration section. User > consent is mandatory to use the discovered DoT/DoH > > servers, the section says the following: > > How would that not become another "we use cookies, are you okay" screen > for which I have no choice but to say "yes"? > No. If the privacy requirements of the endpoint are not met, the DNS client can discard using the discovered DNS server in the attached network, and connect to a public DNS resolver meeting the endpoint privacy preserving data policy requirements. The proposed mechanism also helps the DNS client to automatically learn updates to the privacy claims by a DNS server and avoids the need for users to periodically manually review the privacy statement. > > > Users are expected to indicate to their system in some way that they > > trust certain PAT signers (e.g., if working for Example, Inc., the > > user's system is configured to trust example.com signing the PAT). > > How is that done on my iphone? If I install vendor X application, I > already have to trust them (and google or android, etc). Another screen > of "terms and services" the enduser is forced to scroll through? > > > Separately, the user is expected to indicate to their system their > > PAT privacy requirements (e.g., logging, etc.). By doing so, thee DNS > > client can automatically discover local DNS-over-TLS or DNS-over- > > HTTPS server, validate the PAT signature and check if the PAT > > complies with user's privacy needs, prior to using that DNS-over-TLS > > or DNS-over-HTTPS server for DNS queries. > > All of these things come down to one thing. Do you trust the DNS > provider or not. It's really a binary decision. Dividing this up > in a dozen options isn't helping the average user. > The privacy policy information helps make the decision whether the DNS provider can be trusted or not. > > > It's a great topic for consumer advocay organisations, the EFF or > > ACLU or EU commisioners. I do not think this is a technical problem > > needing a technical standard from the IETF. And any automated > > consumption of this leading to changed DNS client behaviour would > > be dangerous. > > I'm still not convinced this statement is wrong. And additionally can > see some serious harmful effects into mandatory censorship if this kind > of system becomes mandatory on people's devices. > I disagree, the proposal helps the user to choose a DNS server that best supports the desired privacy policies. DNS clients do not need to fallback to clear text DNS, and can use the DoT/DoH server provided by the local network. Further, it also provides a mechanism to securely signal to the DNS client that the attached network performs DNS filtering. Cheers, -Tiru > Paul >
- [Add] Fwd: New Version Notification for draft-red… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Michael Richardson
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… Michael Richardson
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… Michael Richardson
- Re: [Add] Fwd: New Version Notification for draft… Paul Wouters
- Re: [Add] Fwd: New Version Notification for draft… tirumal reddy