[dns-privacy] Warren Kumari's Yes on draft-ietf-dprive-rfc7626-bis-06: (with COMMENT)
Warren Kumari via Datatracker <email@example.com> Thu, 08 October 2020 13:00 UTC
From: Warren Kumari via Datatracker <firstname.lastname@example.org>
To: "The IESG" <email@example.com>
Cc: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, Brian Haberman <email@example.com>, firstname.lastname@example.org, email@example.com
Reply-To: Warren Kumari <firstname.lastname@example.org>
Date: Thu, 08 Oct 2020 06:00:32 -0700
Warren Kumari has entered the following ballot position for
draft-ietf-dprive-rfc7626-bis-06: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dprive-rfc7626-bis/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

[ Thank you for addressing my DISCUSS point. ]

[Edit: I accidentally hit "Send" too early; I have another few comments, also non-blocking:

1: "Also, sometimes, the QNAME embeds the software one uses, which could be a privacy issue. For instance, _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.example.org."... Unless you are a Microsoft or DNS weenie, this is likely not at all clear -- what is being leaked here? The fact that the site uses TCP? LDAP? Windows? Goldbach's Conjecture? Example software? (I think adding a sentence here would be helpful...) ]

Thank you for this document - it's really useful, and readable as well. I do have a few small comments to (possibly) make it even better - I will in no way be offended if you ignore these...

The background on how DNS works is nicely written, and I'm going to point people at it when I need to explain how the DNS works -- but I think a better name example than: "What are the SRV records of _xmpp-server._tcp.example.com?" would be good -- SRV is an unusual record type, and names with underscores surprise people. I'd instead suggest "What are the MX records for example.com?" or "What is the A record for ftp.example.com?" -- I'm only mentioning this because the rest of the section is a very general introduction and this might confuse newcomers...

"At the time of writing, almost all this DNS traffic is currently sent in clear (i.e., unencrypted). However there is increasing deployment of DNS-over-TLS (DoT) [RFC7858] and DNS-over-HTTPS (DoH) [RFC8484], particularly in mobile devices, browsers, and by providers of anycast recursive DNS resolution services."

I think that you might want to remove the "particularly in ..." - I suspect that it will not age well; the document does say "At the time of writing" and "increasing", etc., but this document is likely foundational enough that it will still be referenced many many years from now, and this text may just cloud matters then.

Whatever the case, thanks again for this document!