Re: [dns-privacy] Barry Leiba's No Objection on draft-ietf-dprive-rfc7626-bis-06: (with COMMENT)

Vittorio Bertola <vittorio.bertola@open-xchange.com> Thu, 08 October 2020 09:42 UTC

Date: Thu, 08 Oct 2020 11:42:54 +0200
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Barry Leiba <barryleiba@computer.org>, The IESG <iesg@ietf.org>
Cc: dns-privacy@ietf.org, draft-ietf-dprive-rfc7626-bis@ietf.org
Message-ID: <1789906825.14713.1602150174683@appsuite-gw1.open-xchange.com>
In-Reply-To: <160213056016.5526.9970713132843971319@ietfa.amsl.com>
References: <160213056016.5526.9970713132843971319@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/5V0I1Hz5U4Kx9GZMVUA5i4KY5sI>


> Il 08/10/2020 06:16 Barry Leiba via Datatracker <noreply@ietf.org> ha scritto:
> 
> On her second point, I’ll go in a different direction: it’s bordering on silly
> to think that any real end user can be said to “be aware of and have the
> ability to control” anything related to DNS settings and resolution options. 
> If “users” refers to those of us writing these specs, sure.  But when we’re
> talking about our siblings and cousins and parents, who are doctors and nurses,
> chefs and bakers, bank tellers and car mechanics, there is no hope of awareness
> and understanding of the choices and their consequences, nor that any form of
> “communicate clearly” will really accomplish anything.  I see little to
> recommend pretending that it will.

I see your point, but then, this clashes with the picture of "8.8.8.8" painted on a wall in Istanbul that has been abundantly circulated as evidence in favour of encrypted DNS, to support the importance of letting average users control their choice of DNS resolvers when they do not trust their government and their Internet access provider.

As another example, a few days ago I was checking online discussion forums for user reviews of a new fiber provider, and one of the most often noted points was that their CPE doesn't let users change the DNS settings that are then broadcast to devices via DHCP(*). It was not a minor issue; several messages in the thread were discussing it, with some people even saying "this is the reason why I am not choosing them". Of course only smarter users go to an online forum and discuss fiber providers, yet these were in no way DNS professionals or even Internet professionals.

So I think the truth lies somewhere in the middle - most users do not care or even understand what DNS is, but lots of them do, especially when one of the two following motivations comes up:
1. "the Internet" doesn't work because the resolvers don't work, or
2. changing DNS resolvers allows access to previously forbidden content (for multiple, differently desirable cases of "forbidden").

IMHO there is enough of these two cases to warrant preserving the user's ability to control the choice of resolvers if they want (except that, in my opinion, in democratic countries they should never be allowed to use this ability to circumvent their own national laws and policies, but I know that some people disagree).


(*) which, by the way, made me think that those recommendations should not only apply to "applications".

-- 
Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com 
Office @ Via Treviso 12, 10144 Torino, Italy