Re: [dns-privacy] [DNSOP] FW: New Version Notification for draft-pan-dnsop-edns-isp-location-00

Brian Hartvigsen <bhartvigsen@opendns.com> Mon, 20 March 2017 19:34 UTC

Cc: Lanlan Pan <abbypan@gmail.com>, Barry Raveendran Greene <bgreene@senki.org>, "fuyu@cnnic.cn" <fuyu@cnnic.cn>, dns-privacy@ietf.org, dnsop <dnsop@ietf.org>
To: Petr Špaček <petr.spacek@nic.cz>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/4_ZzR8-7I0R3dIQehXiuAql9OxE>

>> For user privacy concerns, we can revise ECS (114.240.0.0/24) =>
>> EIL (CHINA, BEIJING, UNICOM), giving a tradeoff between privacy and
>> precision.
> 
> Nice, this sounds like an appropriate tradeoff to me.
> 
> 
> A side-effect of this is that it removes the need to maintain copies of
> various Geo-IP databases all over the place, which is an improvement to
> operational practice.

I disagree. Unless you get the clients to implement EIL, then you’ve simply just pushed the need for geo-ip mapping from CDN to DNS provider. Of course one would assume that an ISP already has this mapping, but 3rd party DNS would not. So either they have to build the mappings, maintain a copy of some Geo-IP database, or hope that all the clients have it implemented. With 3rd party DNS carrying double digit percentages of traffic (iirc ~15% total from 2015 OARC presentation), that’s not something to just brush away.

— Brian
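
An added illustration, not part of the original message or of the draft: the resolver-side mapping that the ECS => EIL revision discussed in this thread requires, together with how many addresses share each disclosed value. The table contents, the tuple representation of an EIL tag and all function names are assumptions made for this example; only the (CHINA, BEIJING, UNICOM) tag and the 114.240.0.0/24 prefix come from the thread.

```python
import ipaddress

# Constructed geo-IP table (prefix -> country, province, ISP). Only the first
# tag appears in the thread; prefix sizes and the other rows are made up.
GEO_TABLE = {
    ipaddress.ip_network("114.240.0.0/12"): ("CHINA", "BEIJING", "UNICOM"),
    ipaddress.ip_network("198.51.100.0/24"): ("EXAMPLELAND", "NORTH", "ISP-A"),
    ipaddress.ip_network("203.0.113.0/24"): ("EXAMPLELAND", "SOUTH", "ISP-B"),
}


def ecs_prefix(client_ip, bits=24):
    """What ECS would disclose: the client address truncated to /bits."""
    return ipaddress.ip_network(f"{client_ip}/{bits}", strict=False)


def eil_tag(client_ip, table=GEO_TABLE):
    """What EIL would disclose: the tag of the longest matching prefix,
    or None when this resolver has no mapping for the client."""
    addr = ipaddress.ip_address(client_ip)
    matches = [net for net in table if addr in net]
    if not matches:
        return None
    return table[max(matches, key=lambda net: net.prefixlen)]


def addresses_sharing(tag, table=GEO_TABLE):
    """Addresses mapped to the same tag (assumes non-overlapping prefixes)."""
    return sum(net.num_addresses for net, t in table.items() if t == tag)


def disclosure(client_ip, table=GEO_TABLE):
    """Compare what each option reveals and the size of the set it hides in."""
    ecs = ecs_prefix(client_ip)
    tag = eil_tag(client_ip, table)
    return {
        "ecs": str(ecs),
        "ecs_set": ecs.num_addresses,
        "eil": tag,
        "eil_set": addresses_sharing(tag, table) if tag else None,
    }


if __name__ == "__main__":
    print(disclosure("114.240.0.57"))  # client covered by the table
    print(disclosure("192.0.2.10"))    # client the resolver cannot map
```

The second call returns no EIL tag: a resolver without a row for the client has nothing to send, so the lookup table has to exist wherever the tag is generated.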