Re: [dns-privacy] WG Call for Adoption: draft-pauly-dprive-oblivious-doh

Neil Cook <neil.cook@noware.co.uk> Thu, 18 March 2021 17:34 UTC

From: Neil Cook <neil.cook@noware.co.uk>
In-Reply-To: <68D476A8-6AA8-4FD2-ADF4-01DAF428F99D@apple.com>
Date: Thu, 18 Mar 2021 17:34:39 +0000
Cc: Eric Orth <ericorth=40google.com@dmarc.ietf.org>, Jim Reid <jim@rfc1035.com>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Message-Id: <B25FF357-FAAF-4198-8E40-D63D6DCBA7D0@noware.co.uk>
References: <1a1ef163-bef8-0726-8e51-e444e8fe6091@innovationslab.net> <86e54685-ab6e-83b5-e4f6-bbd71fc6dd5a@nic.cz> <CABcZeBOgE=ABFwErsYFrjSRWFXgcJp_JncVXbwcaiDf3iFs7RA@mail.gmail.com> <AF91913A-42A1-4832-8113-F576C4AA4684@apple.com> <6E546D21-9B96-42DA-A488-4BC0E8E7A4AB@rfc1035.com> <CAMOjQcE7WeB1ijYdjmb39yt2szJvW3wc8kfDNc6chF7S51=+qQ@mail.gmail.com> <A6D5870D-C944-4BDE-A7A3-87E6E17D27D8@rfc1035.com> <CAMOjQcHZVQZhOs-U9TGpRTk-Agsv3eLCf_BNL2ZxDZwRtgs1=w@mail.gmail.com> <68D476A8-6AA8-4FD2-ADF4-01DAF428F99D@apple.com>
To: Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/FEPl30OdQ1BGly77GsSPJia8u4k>

Hi Tommy,

> On 18 Mar 2021, at 17:13, Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org> wrote:
> 
> Mainly, this is relevant for resolvers that directly receive client-generated queries, are not directly on the local network (and thus already know a lot about the user), and are in a position where a client can use a proxy to access them. Large public resolvers do fall into this category, but it isn’t limited. It could also be the resolvers used for ISPs, carriers, etc.

Can you explain how you think this could also be the resolvers used for ISPs, carriers etc.? 

To my understanding this draft explicitly excludes the vast majority of them. They are typically *not* public resolvers, and for a proxy not to be colluding with the resolver operator, the proxy would have to be located outside the administrative domain of the ISP/carrier, i.e. outside their network. Perhaps there is some scenario you envisage where third parties would host and operate proxies within the ISP/carrier network?

Neil