Re: [arch-d] <draft-lazanski-consolidation-00>
Vittorio Bertola <vittorio.bertola@open-xchange.com> Wed, 11 November 2020 13:15 UTC
Return-Path: <vittorio.bertola@open-xchange.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52FB63A10D2 for <architecture-discuss@ietfa.amsl.com>; Wed, 11 Nov 2020 05:15:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=open-xchange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9MCDhE-SO17r for <architecture-discuss@ietfa.amsl.com>; Wed, 11 Nov 2020 05:15:00 -0800 (PST)
Received: from mx3.open-xchange.com (alcatraz.open-xchange.com [87.191.39.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0CB53A0D72 for <architecture-discuss@ietf.org>; Wed, 11 Nov 2020 05:14:59 -0800 (PST)
Received: from open-xchange.com (imap.open-xchange.com [10.20.30.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx3.open-xchange.com (Postfix) with ESMTPS id 6615C6A23D; Wed, 11 Nov 2020 14:14:57 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=open-xchange.com; s=201705; t=1605100497; bh=H0uLja78fb7lJv86bWK7YLEDaeqnNBKOr87mGK1CClI=; h=Date:From:To:In-Reply-To:References:Subject:From; b=nqHbnt8ph2bcDeKNTs6xPYC/aTBi01HV2R0lDc7qctmSaG8VjiwvXjH1t5PGlO2hE Z1VHPegxj5ik1006IUK+C+Ik0cq5zD4zGZC53LkYRWBBwYj2BpakAfe3wa/WECI9Ba YE61e3JRxyNU2APEythHi5fz30wpPmOvZrPZtpz8AbfWwRECu1c1Z2Bz24P4CgxL3w uY0TIY2uiwg1M7+Vges5Q+QpEeX4iyPPfwZ9YIziTVbNt9S9P6/1Ht/rx+wR9UiiMC C2Hmb44Dfwc3F4lkwq19Tcq7UF9b8pLlVj2baf2xnifl9fJp3WItuqHdgZChgz+wSC f1cln9q2LRJ+w==
Received: from appsuite-gw1.open-xchange.com (appsuite-gw1.open-xchange.com [10.20.28.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by open-xchange.com (Postfix) with ESMTPSA id 5599A3C001A; Wed, 11 Nov 2020 14:14:57 +0100 (CET)
Date: Wed, 11 Nov 2020 14:14:57 +0100
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Martin Thomson <mt@lowentropy.net>, architecture-discuss@ietf.org
Message-ID: <1559092599.16379.1605100497247@appsuite-gw1.open-xchange.com>
In-Reply-To: <c18b290b-b0c1-4056-b678-3f07475279c0@www.fastmail.com>
References: <3B4C73E8-1215-43CB-B969-56A2554F1348@lastpresslabel.com> <2bfceb63-1b94-de6f-72e8-4d80eef356f5@digitaldissidents.org> <c18b290b-b0c1-4056-b678-3f07475279c0@www.fastmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.4-Rev10
X-Originating-Client: open-xchange-appsuite
Autocrypt: addr=vittorio.bertola@open-xchange.com; prefer-encrypt=mutual; keydata= mQENBFhFR+UBCACfoywFKBRfzasiiR9/6dwY36eLePXcdScumDMR8qoXvRS55QYDjp5bs+yMq41qWV9 xp/cqryY9jnvHbeF3TsE5yEazpD1dleRbkpElUBpPwXqkrSP8uXO9KkS9KoX6gdml6M4L+F82WpqYC1 uTzOE6HPmhmQ4cGSgoia2jolxAhRpzoYN99/BwpvoZeTSLP5K6yPlMPYkMev/uZlAkMMhelli9IN6yA yxcC0AeHSnOAcNKUr13yXyMlTyi1cdMJ4sk88zIbefxwg3PAtYjkz3wgvP96cNVwAgSt4+j/ZuVaENP pgVuM512m051j9SlspWDHtzrci5pBKKFsibnTelrABEBAAG0NUJlcnRvbGEsIFZpdHRvcmlvIDx2aXR 0b3Jpby5iZXJ0b2xhQG9wZW4teGNoYW5nZS5jb20+iQFABBMBAgAqBAsJCAcGFQoJCAsCBRYCAwEAAp 4BAhsDBYkSzAMABQMAAAAABYJYRUflAAoJEIU2cHmzj8qNaG0H/ROY+suCP86hoN+9RIV66Ej8b3sb8 UgwFJOJMupZfeb9yTIJwE4VQT5lTt146CcJJ5jvxD6FZn1Htw9y4/45pPAF7xLE066jg3OqRvzeWRZ3 IDUfJJIiM5YGk1xWxDqppSwhnKcMOuI72iioWxX0nGQrWxpnWJsjt08IEEwuYucDkul1PHsrLJbTd58 fiMKLVwag+IE1SPHOwkPF6arZQZIfB5ThtOZV+36Jn8Hok9XfeXWBVyPkiWCQYVX39QsIbr0JNR9kQy 4g2ZFexOcTe8Jo12jPRL7V8OqStdDes3cje9lWFLnX05nrfLuE0l0JKWEg8akN+McFXc+oV68h7nu5A Q0EWEVH5QEIAIDKanNBe1uRfk8AjLirflZO291VNkOAeUu+dIhecGnZeQW6htlDinlYOnXhtsY1mK9W PUu+xshDq7lXn2G0LxldYwyJYZaJtDgIKqVqwxfA34Lj27oqPuXwcvGhdCgt0SW/YcalRdAi0/AzUCu 5GSaj2kaGUSnBYYUP4szGJXjaK2psP5toQSCtx2pfSXQ6MaqPK9Zzy+D5xc6VWQRp/iRImodAcPf8fg JJvRyJ8Jla3lKWyvBBzJDg6MOf6Fts78bJSt23X0uPp93g7GgbYkuRMnFI4RGoTVkxjD/HBEJ0CNg22 hoHJondhmKnZVrHEluFuSnW0wBEIYomcPSPB+cAEQEAAYkBMQQYAQIAGwUCWEVH5QIbDAQLCQgHBhUK CQgLAgUJEswDAAAKCRCFNnB5s4/KjdO8B/wNpvWtOpLdotR/Xh4fu08Fd63nnNfbIGIETWsVi0Sbr8i E5duuGaaWIcMmUvgKe/BM0Fpj9X01Zjm90uoPrlVVuQWrf+vFlbalUYVZr51gl5UyUFHk+iAZCAA0WB rsmACKvuV1P7GuiX3UV9b59T9taYJxN3dNFuftrEuvsqHimFtlekUjUwoCekTJdncFusBhwz2OrKhHr WWrEsXkfh0+pURWYAlKlTxvXuI7gAfHEQM+6OnrWvXYtlhd0M1sBPnCjbyG63Qws7Rek9bEWKtH6dA6 dmT2FQT+g1S9Mdf0WkPTQNX0x24dm8IoHuD3KYwX7Svx43Xa17aZnXqUjtj1
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/c2x5tQtTZ742fuLP9EUF3UwtQ3k>
Subject: Re: [arch-d] <draft-lazanski-consolidation-00>
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Nov 2020 13:15:03 -0000
> Il 10/11/2020 02:43 Martin Thomson <mt@lowentropy.net> ha scritto: > > The draft doesn't suggest any particular course of action in response for these protocols (QUIC, TLS, DoH) in response to the implication that they drive consolidation. If I were to infer that refusal to standardize is an option, I posit that that would have a severe deleterious effect on the playing field. It wouldn't remove the desire to deploy such mechanisms, but it would affect the availability of technology to smaller players. +1 to this. In fact, the (non-technical) problems do not come from having standardized a protocol, but from having failed to gather and address the non-technical requirements of all stakeholders before finalizing and deploying the standard. > The document claims that DoH deployment was forced. The claim is that this was not market forces at work. I have to reject that thesis entirely. While I agree with the author of RFC 8890 that the development of RFC 8484 had some issues (some of which were novel, all of which are worth learning from), the progress toward deployment seems to me to be unremarkable. It's a deployment with a disruptive technical innovation that has a displacement effect on some incumbents, for sure, which are never painless, but it's not like Microsoft or Apple or Google or Comcast or any of the other actors who have responded are responding to force. They are responding to market pressures. The problem, however, is that consolidation *is* the effect of market pressures. The global regulatory discussion around Internet platforms is indeed a discussion about rules that could prevent these market pressures from reaching a short-term optimal point which is damaging to the market itself in the long term, and that endangers fundamental rights and public policy needs. > This is FUD, and I'm disappointed to see it repeated here: > > > By routing the DNS over HTTPS, it becomes much easier to track user > > activity through the use of cookies. Therefore a protocol that was > > developed to enhance user privacy and security could actually > > undermine both: privacy through the use of cookies and security by > > consolidating DNS traffic onto far fewer resolver operators that are > > far more attractive targets for malicious actors of various types. > > Yes, cookies are terrible. Which is why no DoH implementation I'm aware of pays any attention to them. That's a simplification, but the suggestion that client implementations don't take all reasonable steps to manage privacy risks and the trade-offs involved demonstrates a lack of understanding. However, when you design a protocol, you should also take into consideration how it could be misused. If you design a protocol that gives an additional possibility for user tracking to a sector of the Internet industry that in many cases has user tracking and profiling as its main source of revenues, then there will be a natural business incentive for these companies to activate the tracking sooner or later. Of course you can rely on a pledge that they will never do so, but still, you created a new risk by design. -- Vittorio Bertola | Head of Policy & Innovation, Open-Xchange vittorio.bertola@open-xchange.com Office @ Via Treviso 12, 10144 Torino, Italy
- Re: [arch-d] <draft-lazanski-consolidation-00> Niels ten Oever
- [arch-d] <draft-lazanski-consolidation-00> Dominique Lazanski
- Re: [arch-d] <draft-lazanski-consolidation-00> Martin Thomson
- Re: [arch-d] <draft-lazanski-consolidation-00> Rob Wilton (rwilton)
- Re: [arch-d] <draft-lazanski-consolidation-00> Vittorio Bertola
- Re: [arch-d] <draft-lazanski-consolidation-00> Eric Rescorla
- Re: [arch-d] <draft-lazanski-consolidation-00> Martin Thomson
- Re: [arch-d] <draft-lazanski-consolidation-00> Christian Huitema
- Re: [arch-d] <draft-lazanski-consolidation-00> Christian Huitema
- Re: [arch-d] <draft-lazanski-consolidation-00> Vittorio Bertola
- Re: [arch-d] <draft-lazanski-consolidation-00> Christian Huitema