IETF Logo Mail Archive

Re: [Add] fixing coffee shop brokenness with DoH

Joseph Lorenzo Hall <joe@cdt.org> Wed, 24 July 2019 11:52 UTC

Return-Path: <jhall@cdt.org>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BCEEE120183 for <add@ietfa.amsl.com>; Wed, 24 Jul 2019 04:52:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cdt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3s0wnN2-eUeL for <add@ietfa.amsl.com>; Wed, 24 Jul 2019 04:52:39 -0700 (PDT)
Received: from mail-io1-xd2a.google.com (mail-io1-xd2a.google.com [IPv6:2607:f8b0:4864:20::d2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3B1A12018B for <add@ietf.org>; Wed, 24 Jul 2019 04:52:36 -0700 (PDT)
Received: by mail-io1-xd2a.google.com with SMTP id i10so88848076iol.13 for <add@ietf.org>; Wed, 24 Jul 2019 04:52:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=iOK1nfJpDLtKircc4jUBJ/TCUWO6Duc3/0kQCvCokco=; b=N/nhNsvrjjM+7Zego6CpqymMSiLll/qNub0qaw7DGJVPHKB1JQQeTVI5cImrE1rjVE /tX6vsUtD2CYihExFNFA6CZ0C7eJCCrR1Bb5UuXa6AfN3U5ssoD5PRf01orua9AaXWjO F5dlOY0/ndHfNieKaVdDR//UOL+DHb2XYJJws=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=iOK1nfJpDLtKircc4jUBJ/TCUWO6Duc3/0kQCvCokco=; b=LQQtW4S98PeyesQYO2IqzYglPylCnIDLJ98t26qe1mOTled2p7Ee8J0XCaSc1B1sul 4UZ9WqlU0D1ir0wm3bxLtnwf+as2bTHdGxPDySLARU9sXSBbMjRPD1gi4tvsotQbLRsM 46zpm5As7CY6yMwS9UrC2cFN/FlQLNr/WAkkBFw/prz8zL+XlrwfLaWXjYUCn0sbqFZ+ qZPhen3RLmnUfQqA/lLm4QdbQGp5l313x715Sm6+/MRBVx1iEpk/vkuYXfV4RI9BlFm/ qS9nwkqCSm9BDUw+//xrsMct7IiJyAkOG1L5v25owEc9Rso6g5U6vxnIdZhNVwE3p3+q qbuA==
X-Gm-Message-State: APjAAAXxkwu0EZHBKVr6saTWPPzA4fbcu+J6rCp2lXv/AnzgYxXA3WD2 r1Wnv9ZJcD0RjAM/UpeyloiVgv0k2d+HMCs7prs74w==
X-Google-Smtp-Source: APXvYqwpwCK3UJJQ3ZF7SGrB5TmaQCG4GV2jhg32bY+mH8IKcXzhMPEbBICTK52RAGkH/L0oddYd+AHEwQVT1HUgiH4=
X-Received: by 2002:a5d:8195:: with SMTP id u21mr76806236ion.260.1563969155584; Wed, 24 Jul 2019 04:52:35 -0700 (PDT)
MIME-Version: 1.0
References: <CAChr6Sx9TEt6CMzRRrdb-HwT_k987oW=4yF1FCbDF17zkaE2Vg@mail.gmail.com> <2D09D61DDFA73D4C884805CC7865E6114E23910C@GAALPA1MSGUSRBF.ITServices.sbc.com> <14DF8769-A817-4C06-9140-80198518244F@akamai.com> <CAChr6SzH1EycAr5n+dK5BQcG=0Zsw66qE=8Rptvq7SEoEvQQ=Q@mail.gmail.com> <E5A0DAE2-A718-41EA-B490-58ABD0F31CF2@rfc1035.com> <CAChr6SzvUZS4Ru_SttiZgWtjwBuLrzc_fdewq9w-Ts+Rq_oNHw@mail.gmail.com> <9E8BD2C4-D750-4B8C-BA34-AC4425F2951D@gmail.com> <CAChr6Szo+1x6BnU2XH2A0o7CTQrQhFVPYezR7KQVLw-nWToULg@mail.gmail.com> <MN2PR21MB12134C6B57220E1B8BF5C811FAC60@MN2PR21MB1213.namprd21.prod.outlook.com> <CABtrr-Ue6rAom3ubJc_tPbn37T8HPGPabzX=CxT9UmiicbUtXQ@mail.gmail.com> <343D8DDD-CCEC-4DAB-85D9-B6ED8ABAB91B@gmail.com> <CABtrr-W178F8TZ78X51xrMCC9PE79n=6QzvLaNpuGpU18EPFiA@mail.gmail.com> <10762BA8-491F-474B-B23A-B7E5BD94F480@gmail.com>
In-Reply-To: <10762BA8-491F-474B-B23A-B7E5BD94F480@gmail.com>
From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Wed, 24 Jul 2019 07:52:23 -0400
Message-ID: <CABtrr-Ugkr0qqSwUPes7cS1RhcJw7kLeLzf9en-JGSyTi_eM8Q@mail.gmail.com>
To: Bret Jordan <jordan.ietf@gmail.com>
Cc: Jim Reid <jim@rfc1035.com>, Rob Sayre <sayrer@gmail.com>, Tommy Jensen <Jensen.Thomas=40microsoft.com@dmarc.ietf.org>, "add@ietf.org" <add@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f56f73058e6bf136"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/wG7eeeVITMdwUvnpSTCCoHqjcfw>
Subject: Re: [Add] fixing coffee shop brokenness with DoH
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Jul 2019 11:52:42 -0000

Sure, and there are countervailing considerations... e.g., that same
privacy policy (legally) limits what tracking that endpoint can do. Plus,
I'm not as confident in my own ability to protect that resolver and
associated data as I am about Cloudflare (or Google, etc.)

On Wed, Jul 24, 2019 at 07:42 Bret Jordan <jordan.ietf@gmail.com> wrote:

> My point is centralization of dns queries seems like a far larger
> potential problem.  Especially when the query is over http and can easily
> allow extra headers so the end user can be fully tracked.
>
> Bret
>
> Sent from my Commodore 128D
>
> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
>
> On Jul 24, 2019, at 7:36 AM, Joseph Lorenzo Hall <joe@cdt.org> wrote:
>
> I can do that but the user base we represent at CDT cannot. So not an
> answer.
>
> On Wed, Jul 24, 2019 at 07:33 Bret Jordan <jordan.ietf@gmail.com> wrote:
>
>> If you are really worried about it, run your own.  I do, and have for 25+
>> years.
>>
>> Bret
>>
>> Sent from my Commodore 128D
>>
>> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
>>
>> On Jul 24, 2019, at 6:19 AM, Joseph Lorenzo Hall <joe@cdt.org> wrote:
>>
>>
>>
>> On Tue, Jul 23, 2019 at 22:26 Tommy Jensen <Jensen.Thomas=
>> 40microsoft.com@dmarc.ietf.org> wrote:
>>
>>> > Are people selling DNS logs to ad tech companies? Is that the
>>> ecosystem being disrupted?
>>>
>>> Given how many valid points have been brought up in the last few weeks
>>> about the drawbacks of centralized app-configured DNS, I don’t think the
>>> glib tone is constructive.
>>>
>>
>> Tone aside, to some users, centralization is a benefit in that they don't
>> have a bunch of unknown privacy policies applying to the resolution of the
>> names they need. For example, the privacy policy of 1.1.1.1 is pretty
>> amazing from the perspective of data retention, secondary uses, etc. (e.g.,
>> I know my resolutions will be removed from their logs within 24 hours).
>>
>> This may seem small but it seems to be lost in the centralization/choice
>> discussion.
>>
>>> --
>> Joseph Lorenzo Hall
>> Chief Technologist, Center for Democracy & Technology [
>> https://www.cdt.org]
>> 1401 K ST NW STE 200, Washington DC 20005
>> <https://www.google.com/maps/search/1401+K+ST+NW+STE+200,+Washington+DC+20005?entry=gmail&source=g>
>> -3497
>> e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
>> Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871
>>
>> --
> Joseph Lorenzo Hall
> Chief Technologist, Center for Democracy & Technology [https://www.cdt.org
> ]
> 1401 K ST NW STE 200, Washington DC 20005
> <https://www.google.com/maps/search/1401+K+ST+NW+STE+200,+Washington+DC+20005?entry=gmail&source=g>
> -3497
> e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
> Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871
>
> --
Joseph Lorenzo Hall
Chief Technologist, Center for Democracy & Technology [https://www.cdt.org]
1401 K ST NW STE 200, Washington DC 20005-3497
e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key
Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

v2.23.0 | Report a Bug | By Email