IETF Logo Mail Archive

Re: [dns-privacy] [Ext] WG Call for Adoption: draft-pauly-dprive-oblivious-doh

Paul Hoffman <paul.hoffman@icann.org> Wed, 17 March 2021 14:58 UTC

Return-Path: <paul.hoffman@icann.org>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6CF803A0EBD for <dns-privacy@ietfa.amsl.com>; Wed, 17 Mar 2021 07:58:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id K6YbLHGO6rfy for <dns-privacy@ietfa.amsl.com>; Wed, 17 Mar 2021 07:58:07 -0700 (PDT)
Received: from ppa3.lax.icann.org (ppa3.lax.icann.org [192.0.33.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5484A3A0EB8 for <dns-privacy@ietf.org>; Wed, 17 Mar 2021 07:58:07 -0700 (PDT)
Received: from MBX112-W2-CO-2.pexch112.icann.org (out.mail.icann.org [64.78.33.6]) by ppa3.lax.icann.org (8.16.0.43/8.16.0.43) with ESMTPS id 12HEw6KW011297 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <dns-privacy@ietf.org>; Wed, 17 Mar 2021 14:58:06 GMT
Received: from MBX112-W2-CO-1.pexch112.icann.org (10.226.41.128) by MBX112-W2-CO-2.pexch112.icann.org (10.226.41.130) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.721.2; Wed, 17 Mar 2021 07:58:05 -0700
Received: from MBX112-W2-CO-1.pexch112.icann.org ([10.226.41.128]) by MBX112-W2-CO-1.pexch112.icann.org ([10.226.41.128]) with mapi id 15.02.0721.013; Wed, 17 Mar 2021 07:58:05 -0700
From: Paul Hoffman <paul.hoffman@icann.org>
To: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Thread-Topic: [Ext] [dns-privacy] WG Call for Adoption: draft-pauly-dprive-oblivious-doh
Thread-Index: AQHXGy2J9IGxKVVjl0iuRiH7fdKEeKqIutuA
Date: Wed, 17 Mar 2021 14:58:05 +0000
Message-ID: <899CCC5E-A524-4BDA-A385-DCE80C6BF08B@icann.org>
References: <1a1ef163-bef8-0726-8e51-e444e8fe6091@innovationslab.net>
In-Reply-To: <1a1ef163-bef8-0726-8e51-e444e8fe6091@innovationslab.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.0.32.234]
x-source-routing-agent: Processed
Content-Type: multipart/signed; boundary="Apple-Mail=_44F5F879-814C-4EDA-98A4-9902A0789FA1"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-17_07:2021-03-17, 2021-03-17 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/MBI0lRpnlkxBlYhEyE3Gx5RXwYo>
Subject: Re: [dns-privacy] [Ext] WG Call for Adoption: draft-pauly-dprive-oblivious-doh
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Mar 2021 14:58:09 -0000

> Please reply to the mailing list with your views (positive or negative)
> on the WG adopting the document and your supporting arguments.

During the WG meeting last week, I expressed strong negative views about adoption. The ensuing discussion helped change my opinion. I was looking at this as "there are almost no users who would want to turn this on", but then came around to "there are browsers who would want to turn this on for the benefit of their users". If the browser takes responsibility for the additional delay in responses, and takes responsibility for watching for the new failure modes and remediating them, then this protocol might be worthwhile even though it adds delay and complexity.

The deciding factor for me was that the authors turned over protocol control to the WG. The "we've already implemented this" tone in the various presentations in the past few months caused me to assume the opposite.

Thus, I mildly support adoption.

--Paul Hoffman

v2.23.0 | Report a Bug | By Email