Re: [dns-privacy] Root Server Operators Statement on DNS Encryption

Rob Sayre <sayrer@gmail.com> Wed, 31 March 2021 21:39 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/J8Ohb52LWuev_Uh8E_rOBBGht_Q>

On Wed, Mar 31, 2021 at 2:34 PM Bill Woodcock <woody@pch.net> wrote:

> So you’re saying that we all need to go spend some non-negative number,
> which, for us, is 3x-5x as much, in order that third parties should not
> know the relative volume of recursor cache-misses with respect to different
> TLDs?
>
> Why is this something I would want to spend my money to achieve, when
> there are problems that aren’t hypothetical, and for which there are real
> live constituents, on which I could spend the money instead?
>

I think it's fine if you don't want to implement any given IETF RFC. Plenty
of other businesses have found the cost of encryption to be negligible on
modern networking stacks, especially for long-lived TLS connections.

Your business might be different--you know best there.

thanks,
Rob