[dns-privacy] New: draft-bertola-bcp-doh-clients

Vittorio Bertola <vittorio.bertola@open-xchange.com> Sun, 10 March 2019 14:55 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/3ryu5BxcjRJO1-zeRXJaKIcIDUY>

Hello all,

this new document has been allocated 10 minutes in the dprive agenda in Prague. It is my attempt to launch a productive discussion on whether the IETF can reach consensus on how to address all the issues deriving from the early deployment attempts of encrypted DNS protocols and especially DNS-over-HTTPS. It is meant to be the counterpart of the draft that this WG is developing for operators, but focused on client applications.

Even before discussing the draft recommendations (which I'm sure will be quite controversial for some people, and of course everything is up for discussion), I would like to understand whether people want to work on this at the IETF (as opposed to other Internet governance venues) and in which group.


A new version of I-D, draft-bertola-bcp-doh-clients-00.txt has been successfully submitted by Vittorio Bertola and posted to the IETF repository.

Name: draft-bertola-bcp-doh-clients
Revision: 00
Title: Recommendations for DNS Privacy Client Applications
Document date: 2019-03-10
Group: Individual Submission
Pages: 19
URL: https://www.ietf.org/internet-drafts/draft-bertola-bcp-doh-clients-00.txt
Status: https://datatracker.ietf.org/doc/draft-bertola-bcp-doh-clients/
Htmlized: https://tools.ietf.org/html/draft-bertola-bcp-doh-clients-00
Htmlized: https://datatracker.ietf.org/doc/html/draft-bertola-bcp-doh-clients

Abstract: This document presents operational, policy and security considerations for the authors and publishers of client applications that choose to implement DNS resolution through any of the protocols that provide private, encrypted connections between the application itself and the DNS resolver. As these protocols, depending on implementation choices and deployment models, may impact the Internet significantly at the architectural, legal and policy levels, the document records the current consensus on how these protocols should be used by applications, especially user-facing applications meant for mass usage by non-technical consumers.


Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
Office @ Via Treviso 12, 10144 Torino, Italy