Re: [dns-privacy] I-D Action: draft-ietf-dprive-bcp-op-01.txt

Bob Harold <rharolde@umich.edu> Tue, 18 December 2018 20:01 UTC

On Tue, Dec 18, 2018 at 11:30 AM Sara Dickinson <sara@sinodun.com> wrote:

> Hi All,
>
> We’ve just published an update to the draft with the following updates:
>
>  * Update DoH reference to RFC8484 and add more text on DoH
>  * Split threat descriptions into ones directly referencing RFC6973 and
> other DNS Privacy threats
>  * Improve threat descriptions throughout
>  * Remove reference to the DNSSEC TLS Chain Extension draft until new
> version submitted.
>  * Clarify use of whitelisting for ECS
>  * Re-structure the DPPPS, add Result filtering section.
>  * Remove the direct inclusion of privacy policy comparison, now just
> reference dnsprivacy.org and an example of such work.
>  * Add an appendix briefly discussing DNSSEC
>  * Many minor editorial fixes
>  * Update affiliation of 1 author
>
> At the mic line at the last IETF meeting where this was discussed (IETF
> 102) there was support for both splitting this document up into 2 or more
> documents and also keeping everything in a single document. For ease of
> review at this point we have not changed the structure but would appreciate
> comments about this on the list.
>
> Best regards
>
> Sara.
>
> > On 18 Dec 2018, at 16:28, internet-drafts@ietf.org wrote:
> >
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> > This draft is a work item of the DNS PRIVate Exchange WG of the IETF.
> >
> >        Title           : Recommendations for DNS Privacy Service
> Operators
> >        Authors         : Sara Dickinson
> >                          Benno J. Overeinder
> >                          Roland M. van Rijswijk-Deij
> >                          Allison Mankin
> >       Filename        : draft-ietf-dprive-bcp-op-01.txt
> >       Pages           : 33
> >       Date            : 2018-12-18
> >
> > Abstract:
> >   This document presents operational, policy and security
> >   considerations for DNS operators who choose to offer DNS Privacy
> >   services.  With these recommendations, the operator can make
> >   deliberate decisions regarding which services to provide, and how the
> >   decisions and alternatives impact the privacy of users.
> >
> >   This document also presents a framework to assist writers of DNS
> >   Privacy Policy and Practices Statements (analogous to DNS Security
> >   Extensions (DNSSEC) Policies and DNSSEC Practice Statements described
> >   in [RFC6841]).
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-dprive-bcp-op/
> >
> > There are also htmlized versions available at:
> > https://tools.ietf.org/html/draft-ietf-dprive-bcp-op-01
> > https://datatracker.ietf.org/doc/html/draft-ietf-dprive-bcp-op-01
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-dprive-bcp-op-01
>
>
Minor nits:

 5.1.5. Service options

DNS Privacy Threats:

o Unfairly disadvantaging users of the privacy service with respect
to the services available. This could force the user to switch to
the services available. providers, fallback to cleartext or accept
no DNS service for the outage.


"the services available. providers," -> "the available service providers,"

5.2.1. Data Handling
...
Other Treats


"Treats" -> "Threats"

-- 
Bob Harold