Re: [dns-privacy] Trying to understand DNS resolver 'discovery'

"Livingood, Jason" <Jason_Livingood@comcast.com> Wed, 27 November 2019 16:06 UTC

From: "Livingood, Jason" <Jason_Livingood@comcast.com>
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Date: Wed, 27 Nov 2019 16:05:48 +0000
Message-ID: <716ED073-F71D-412C-A54B-D060DDC6F469@cable.comcast.com>
References: <CAMm+Lwig+90Riqav6BT6D-0n4pZJFgAr3p996Q+qXJSPt0kqBQ@mail.gmail.com> <20191126180441.GA4452@sources.org> <CY4PR1601MB125470ADE243F60FB710E8C7EA440@CY4PR1601MB1254.namprd16.prod.outlook.com> <20191127142842.GA18601@nic.fr>
In-Reply-To: <20191127142842.GA18601@nic.fr>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/Kafj_ZzxhNeTpg53QYgPcrlUlkM>

On 11/27/19, 9:29 AM, "dns-privacy on behalf of Stephane Bortzmeyer" <dns-privacy-bounces@ietf.org on behalf of bortzmeyer@nic.fr> wrote:

>    For instance, if your access provider has a lying resolver

I just wanted to take a moment to note that choosing to use the term 'lying' when describing resolver behavior is unnecessarily negative and seems designed to be intentionally divisive. This does not IMO contribute to a productive discussion and exchange of views at the IETF.

As has been long demonstrated here and in DNSOP, not all DNS modification can be considered 'lying' - given that lying obviously implies it is a negative thing that is counter to user preferences. For example, an opt-in parental control service that modifies responses is not a negative use case from the perspective of that user/parent. Similarly, a DNS modification in an enterprise that blocks malware C2 FQDNs is also from the enterprise's perspective a good thing.

It seems a better approach is to simply use a neutral term and call this DNS modification. Whether that is good or bad will depend on the particular use case or situation or other factors.

Thanks
Jason