Re: [dns-privacy] Datatracker State Update Notice: <draft-ietf-dprive-rfc7626-bis-04.txt>

Andrew Campling <andrew.campling@419.consulting> Wed, 13 May 2020 22:19 UTC

From: Andrew Campling <andrew.campling@419.consulting>
To: Vittorio Bertola <vittorio.bertola@open-xchange.com>, Stephane Bortzmeyer <bortzmeyer@nic.fr>
CC: "dns-privacy@ietf.org" <dns-privacy@ietf.org>, "draft-ietf-dprive-rfc7626-bis@ietf.org" <draft-ietf-dprive-rfc7626-bis@ietf.org>, "dprive-chairs@ietf.org" <dprive-chairs@ietf.org>
Date: Wed, 13 May 2020 22:19:49 +0000
Message-ID: <LO2P265MB0573A7D85EA3204F62EE080BC2BF0@LO2P265MB0573.GBRP265.PROD.OUTLOOK.COM>
In-Reply-To: <1724219952.33277.1589365642855@appsuite-gw2.open-xchange.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/LQ6bYYYCPmQW54JbNeVSyJqWeUY>
Subject: Re: [dns-privacy] Datatracker State Update Notice: <draft-ietf-dprive-rfc7626-bis-04.txt>

On 13/05/2020 11:27 Vittorio Bertola <vittorio.bertola@open-xchange.com> wrote:

>> On 12/05/2020 17:18 Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
>>
>> Yes, and I think I know now the root of the problem. 7626bis tries to
>> go too far and, instead of discussing the DNS protocol and its privacy
>> issues, now goes into end hosts and discusses what is done inside the
>> machine, and what should be done. This is certainly interesting, and it
>> certainly has consequences on privacy, user control, etc. but:
>>
>> 1) It is a bit outside IETF's domain, since it is not inside the
>> network,
>
> I disagree. There are IETF documents that provide policy-level analysis of complex
> technical issues and do so throughout the entire network architecture, both in terms
> of layers and in terms of hosts. For example, RFC 7754 has an entire section devoted
> to what happens within the endpoints and within applications that run on them.
>
> Also, RFC 6973, which is the document that this draft tries to apply, has an entire
> section of the guidelines (7.2) that instructs to discuss issues of user control, which
> is what 6.1.1.2 deals with. Actually, the first point of the section is:
>
>     "What controls or consent mechanisms does the
>      protocol define or require before personal data or identifiers
>      are shared or exposed via the protocol?  If no such mechanisms or
>      controls are specified, is it expected that control and consent
>      will be handled outside of the protocol?"
>
> There even is an explicit reference to discussing how control and consent is handled outside of the protocol.


I also note that RFC 3552 (Guidelines for Writing RFC Text on Security Considerations) includes section 2.3 on systems security so does indeed look beyond the network.  So, alongside RFC 7754 and RFC 6973, there seem to be a good number of examples where the IETF has reached consensus on documents with scope that extends beyond the network.  I’m unclear why this one should not.

Andrew