Re: [dns-privacy] Datatracker State Update Notice: <draft-ietf-dprive-rfc7626-bis-04.txt>
Eric Rescorla <ekr@rtfm.com> Fri, 06 March 2020 13:33 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C9693A0F8E for <dns-privacy@ietfa.amsl.com>; Fri, 6 Mar 2020 05:33:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.895
X-Spam-Level:
X-Spam-Status: No, score=-1.895 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ThM2KFX48C89 for <dns-privacy@ietfa.amsl.com>; Fri, 6 Mar 2020 05:32:56 -0800 (PST)
Received: from mail-lf1-x143.google.com (mail-lf1-x143.google.com [IPv6:2a00:1450:4864:20::143]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A40783A0EB2 for <dns-privacy@ietf.org>; Fri, 6 Mar 2020 05:32:55 -0800 (PST)
Received: by mail-lf1-x143.google.com with SMTP id b13so1888607lfb.12 for <dns-privacy@ietf.org>; Fri, 06 Mar 2020 05:32:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=M3wahY7Sm4w06uy6/yJtkr3Tw59y+fhndrJwu39C0Sc=; b=Uevezx3pJVyNhWSdz/osWfbrazenBYoLtkTrQGo/2egQ0X0BjEC/g4o3wIamXPrqiP shENxu4UgEJVEoxwV3tnM9HnQH5v2xkM129aHKrPevWdfzeCdE+/mZwAPWQhgX+yzpKv k+1loCxxDJ005uh2mueR1BTFnq27wMPB8qLeUyRDTAMdEKf4URxphHiQ+fKhbJzhkPA/ H1SJ1Oe7sbXz7g2Bo8dUDIDWLG89FTn/S3sbKM4pu6yP3PUyhqKRasqdzfDw0GS0/thi R3USV9p/28Zyj2FGewwLjIcDfbhVHFekioD9Z3Eraw0am9WrnGrQL18hO1MsCjXjUNvc H91w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=M3wahY7Sm4w06uy6/yJtkr3Tw59y+fhndrJwu39C0Sc=; b=VOSe8AtdO6rXEoIcGI41+exhdIWVYI2LzUJEuzgxjJ5qpZMaI6Zu8/NIyZ3xNyNiJl qR/7SSgWGS3plN/xxeFR91qDiMI1a58nv+Z8D0UcJwZbxt+Nnsjx58z2swU4yLSdoSbA fTak6z/MjuMXHvomSUm8Zif2G2qb6H9EDK8Ngnf8dV1KJHaUWMCpmH3x4NiKow5uDQaC Quje59fMzbQ6+Dlw5PH0w8vqNX2oY61PBlC1Mjr0PPw98NDDEPUk84vcfCCEq1FLjjfF PxsMYiJvUiRKQWGzgEoEdCAA9Un9YFKwiXkE7hGd2Q9GGIAz8SRe2kjs95weQrZPz3TE pYQQ==
X-Gm-Message-State: ANhLgQ2QSYpEI7mKdhSM8AZ2CdoJ68pgohSKBoNTxWnrQp+YR3frQtgS GeTpvKdYFFL0Yek2eSMSSHBC9Gmneooot2D4K2u2RA==
X-Google-Smtp-Source: ADFU+vtvUOe9AN3gqTu2YQayui4F5ti8HHefvCe/Upq03pjzPK1eHNRbc9JwZmS7o0K187UW11dvmCdDgtLwa17KO9U=
X-Received: by 2002:a19:2247:: with SMTP id i68mr148721lfi.168.1583501573730; Fri, 06 Mar 2020 05:32:53 -0800 (PST)
MIME-Version: 1.0
References: <157955609351.1744.15099511006231348523.idtracker@ietfa.amsl.com> <417BE033-4DE5-452A-BE93-0657C83051BC@cisco.com> <CABcZeBPK3yAaoai4ccd=hSffk5cAhoSC7gnBNqs36x-xJf=R-Q@mail.gmail.com> <503E2696-AB4A-4020-90CC-802D312D23AF@sinodun.com> <CABcZeBOiEu8qO_VHtHc7Fs47Wh0tGDn3ywM5LDZtWoxuHZ_isw@mail.gmail.com> <721AD54C-0324-4400-8492-4AA19A64699D@sinodun.com> <CABcZeBP4CknS=9Y96CqgykChg4H_jrgkaWmHPN4319+nXe=10w@mail.gmail.com> <CAH1iCiobuYitR26Hh0pbYpA_JZoB1a1iMyHJs1FAgW9GtOk56g@mail.gmail.com> <CABcZeBNa-OTEYjnL=+-F=WK3hZiOWmty1S=FC43Fr3CxuCPE_g@mail.gmail.com> <32D26638-2464-4E7B-8869-C65F773EF5F2@sinodun.com>
In-Reply-To: <32D26638-2464-4E7B-8869-C65F773EF5F2@sinodun.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 06 Mar 2020 05:32:17 -0800
Message-ID: <CABcZeBNnAZ1ttKHdtZMwWZGvWAYn3jZBps+hXOBMHQXgaKPUEA@mail.gmail.com>
To: Sara Dickinson <sara@sinodun.com>
Cc: Brian Dickson <brian.peter.dickson@gmail.com>, "Eric Vyncke (evyncke)" <evyncke@cisco.com>, "dprive-chairs@ietf.org" <dprive-chairs@ietf.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, "draft-ietf-dprive-rfc7626-bis@ietf.org" <draft-ietf-dprive-rfc7626-bis@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000cdc09f05a02fb047"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/Qssklq7cM3SbLxiflB-13aLl5Dg>
Subject: Re: [dns-privacy] Datatracker State Update Notice: <draft-ietf-dprive-rfc7626-bis-04.txt>
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Mar 2020 13:33:06 -0000
On Mon, Mar 2, 2020 at 7:16 AM Sara Dickinson <sara@sinodun.com> wrote: > > > On 29 Feb 2020, at 02:03, Eric Rescorla <ekr@rtfm.com> wrote: > > > > On Fri, Feb 28, 2020 at 4:50 PM Brian Dickson < > brian.peter.dickson@gmail.com> wrote: > >> >> >> On Fri, Feb 28, 2020 at 3:15 PM Eric Rescorla <ekr@rtfm.com> wrote: >> >>> >>> >>> On Wed, Feb 26, 2020 at 6:19 AM Sara Dickinson <sara@sinodun.com> wrote: >>> >>>> >>>> >>>> On 23 Jan 2020, at 13:53, Eric Rescorla <ekr@rtfm.com> wrote: >>>> >>>> On Thu, Jan 23, 2020 at 5:08 AM Sara Dickinson <sara@sinodun.com> >>>> wrote: >>>> >>>> >>>> >>>> On 20 Jan 2020, at 22:37, Eric Rescorla <ekr@rtfm.com> wrote: >>>> >>>> Review comments attached: >>>> >>>> >>>> COMMENTS >>>>> S 3.1. >>>>> > described above, and may not have any confidentiality >>>>> requirements. >>>>> > However, the same is not true of a single transaction or a >>>>> sequence >>>>> > of transactions; that transaction is not / should not be >>>>> public. A >>>>> > typical example from outside the DNS world is: the web site of >>>>> > Alcoholics Anonymous is public; the fact that you visit it >>>>> should not >>>>> > be. >>>>> >>>>> Well, technically what you want to conceal is the origin of the >>>>> transaction or its linkage to other transactions. The existence of the >>>>> query for that A record isn't secret. >>>>> >>>>> >>>>> Suggest: >>>>> >>>>> “that transaction (and specifically the origin of that transaction) is >>>>> not / should not be public." >>>>> >>>> >>>> The parenthetical swallows the main sentence. The accurate thing to say >>>> is: >>>> >>>> In general, the existence of a single query is not sensitive -- though >>>> there may be exceptions >>>> for some very low use domains. However, the origin of a given query may >>>> leak information >>>> about specific users and the ability to link queries reveals >>>> information about individual use >>>> patterns. >>>> >>>> >>>> To fit with existing text suggest: >>>> >>>> However, the same is not true of a single transaction or a sequence >>>> of transactions; those transaction are not / should not be public. A >>>> single >>>> transactions reveals both the originator of the query and the query >>>> contents which potentially leaks sensitive information about a >>>> specific user. A >>>> typical example from outside the DNS world is: the web site of >>>> Alcoholics Anonymous is public; the fact that you visit it should not >>>> be. >>>> >>> >>> I find this text a bit clumsy, but OK. >>> >>> >>> Furthermore, the ability to link queries reveals information about >>>> individual use patterns. >>>> >>> >>> The key thing is "link queries as being from the same user” >>> >> > OK - will include that. > > > >>> >>>> <snip> >>>> >>>> >>>> >>>>> >>>>> >>>>> >>>>> >>>>> S 3.4.2. >>>>> > services available. Given this, the choice of a user to >>>>> configure a >>>>> > single resolver (or a fixed set of resolvers) and an encrypted >>>>> > transport to use in all network environments can actually serve >>>>> to >>>>> > identify the user as one that desires privacy and can provide an >>>>> > added mechanism to track them as they move across network >>>>> > environments. >>>>> >>>>> I don't understand this paragraph. It's not the choice of specific >>>>> resolvers that leaks data, but the choice to turn on encryption, In >>>>> fact, from an identification purpose, the more resolvers that support >>>>> encrypted transport, the better signal this is. >>>>> >>>>> >>>>> This was driven by an observation that many early adopters set up >>>>> their own DoT server and used that from all their devices, which could act >>>>> as a way to identify that user. >>>>> >>>> >>>> 1. This seems like an edge case. >>>> 2. We already have plenty of people running their own unencrypted >>>> resolvers for other reasons. >>>> >>>> >>>> I can live with removing this text, but it does seem there is something >>>> to say about the fact configuring a single resolver for a device could >>>> differentiate a user…. >>>> >>> >>> Sure, but this has nothing to do with DoH or DoT. >>> >>> >> I think the text might be clearer if the bit "as one that desires privacy >> and" were removed. >> The issue isn't whether a specific user desires privacy, it is whether a >> specific user can be identified and tracked. >> >> This RFC update, is about privacy. >> This particular section is on encrypted transport. >> This paragraph is highlighting that configuring a static list of >> resolvers, even if those use encrypted transport, may expose the user to >> privacy risks due to that constant set of resolvers, as the user moves >> between networks. >> And this risk is inversely proportional to the number of users of the >> resolver. >> Maybe this last bit needs to be added to emphasis why this is a risk? >> >> It's about the fact that DoH/DoT don't protect against this or mitigate >> it, even if the payload is encrypted. I.e. it doesn't not have anything to >> do with DoH/DoT; it's bigger than DoH/DoT, and DoH/DoT don't fix the >> problem. >> > > Yes, I agree with that, but this risk is generic to DNS even if you use > your own resolver (e.g., pihole) which we know people do. Therefore it does > not belong in this section as a risk of DoH/DoT.. > > > I think the more general case is alluded to in the forth bullet point of > section 3.4.1 without being called out specifically…. > > One option would be update the first sentence of that bullet point to say > “The recursive resolver can be a public DNS service (or a privately run DNS > resolver hosted on the public internet).” and to add the following sentence > to the end of the bullet point > > “It can be noted that the choice of a user to configure a single resolver > (even when using an encrypted transport) can actually serve to aid tracking > of that user as they move across network environments." > > Then remove the fifth paragraph from section 3.4.2? > This seems close. "It can be noted that if the user selects a single infrequently used resolver (even when using an encrypted transport) it can actually serve to aid tracking of that user as they move across network environment" I think we can agree that using Google Public DNS probably doesn't have this property. > >> >>> >>> >>>> >>>> >>>>> >>>>> S 3.5.1..1.2. >>>>> > >>>>> > o communicate clearly the change in default to users >>>>> > >>>>> > o provide configuration options to change the default >>>>> > >>>>> > o provide configuration options to always use the system >>>>> resolver >>>>> >>>>> I get that you think this is neutral, but all of this is equally true >>>>> about dynamic discovery via DHCP, it's just that that's the status >>>>> quo, so you don't notice it. In this context, this text is tendentious. >>>>> >>>>> >>>>> The first paragraph of section 3.5.1.1 talks about the variability of >>>>> DNS resolution privacy with network (assuming DHCP). I can add some text >>>>> there to better explain the status quo if you think it is needed. Suggest: >>>>> >>>>> “Typically joining a new network requires some form of user action >>>>> (e.g physically plugging in a cable or selecting a network in a OS >>>>> dialogue) and so a user is also implicitly choosing to use the >>>>> DHCP-provided resolver via this action too." >>>>> >>>> >>>> The user has no idea that such a DHCP resolver even exists. And you >>>> could say the same thing about the user's choice to install an application >>>> with its own resolver selection logic. >>>> >>>> >>>> >>>>> I can’t think of a mobile or desktop OS that doesn’t allow users to >>>>> override the DHCP provided DNS settings…. but I could text about that in >>>>> section 5.1.1. if you really think it is needed? >>>>> >>>> >>>> This isn't about that. AFAICT most major applications also allow you to >>>> use the system resolver choices. Rather, the issue here is the repeated >>>> arguments in this discussion (which you implicitly accept above) that the >>>> current status quo somehow represents user choice whereas an application >>>> choosing its own resolver does not. And both this text and your proposed >>>> text implicitly takes a position on that. >>>> >>>> >>>> I think that is reading quite a bit into the text however, to reduce >>>> any implicit misinterpretation I propose trying to further align the two >>>> sections… >>>> >>>> 1) Replace the first paragraph in section 3.5.1.1 with the following: >>>> >>>> "Given all the above considerations, the choice of recursive resolver >>>> has direct privacy considerations for end users. Historically, end user >>>> devices have used the DHCP-provided local network recursive resolver. >>>> Because of this, the choice by a user to join a particular network (e.g. >>>> by physically plugging in a cable or selecting a network in a OS dialogue) >>>> also determines the default system DNS resolver selection; the two are >>>> directly coupled in this model. >>>> >>>> The vast majority of users do not change their default system DNS >>>> settings and so implicitly accept the network settings for DNS. The network >>>> resolvers have therefore historically been the sole destination for all of >>>> the DNS queries from a device. These resolvers may have strong, medium, or >>>> weak privacy policies depending on the network. Privacy policies for these >>>> servers may or may not be available and users need to be aware that privacy >>>> guarantees will vary with network. >>>> >>>> All major OS’s expose the system DNS settings and allow users to >>>> manually override them if desired.” >>>> >>>> >>>> 2) And replace the second paragraph of 3.5.1.1.2 with this: >>>> >>>> "Such application-specific settings introduce new control points on end >>>> user devices for DNS resolution settings in addition to the historically >>>> used system settings discussed in Section 3.5.1.1. They therefore alter the >>>> DNS privacy considerations for the device by introducing additional >>>> destinations for DNS queries. >>>> >>>> Users will only be aware that a new control point (with new defaults) >>>> exists if an application clearly communicates this to the user on install >>>> or upgrade. >>>> >>> >>> This reflects status quo bias. If you want to say this, then you need to >>> point out that essentially no OS clearly communicates that it is selecting >>> the DHCP resolver. >>> >> >> IMHO, this is fair, and probably adds a bit of clarity; perhaps some >> wordsmithing on the start of 3.5.1.1 would benefit both this and other >> subsections of 3.5.1.1. >> Suggestion: >> >> Old: "Historically, end user devices have used the DHCP-provided local >> network recursive resolver, which may have strong, medium, or weak >> privacy policies depending on the network." >> >> New: "Historically, end user devices have used the OS-selected recursive resolver, >> whose identity is not exposed or discoverable. The OS may have been >> configured with a static set of resolvers, or may use a DHCP-provided local >> network resolver. This OS-selected resolver may have strong, medium, or >> weak privacy policies, which for DHCP provided resolvers may depend on >> the network." >> >> The gist of this is, over-riding the default has effects that the >> application cannot know, because the OS resolver choice is generally not >> known, and by extension, the privacy policies cannot be known. >> > > I don't believe this is accurate. In general there are (not that portable) > mechanisms for determining the DNS configuration, as is done in Chromium: > > https://cs.chromium.org/chromium/src/net/dns/?sq=package:chromium&dr=CSs&g=0 > > > I’m fine with Ekr’s original suggestion by replacing the last sentence in > the first paragraph with the following: > > "The choice by a user to join a particular network (e.g. by physically > plugging in a cable or selecting a network in a OS dialogue) typically > updates a number of system resources - these can include IP addresses, > availability of IPv4/IPv6, DHCP server, and DNS resolver. These individual > changes, including the change in DNS resolver, are not normally > communicated directly to the user by the OS when the network is joined. The > choice of network has historically determined the default system > DNS resolver selection; the two are directly coupled in this model. > WFM. > > > > > >> >>> >>> >>> The vast majority of users do not change default application-specific >>>> settings and so implicitly accept the application-specific settings for >>>> DNS. As with network resolvers, these resolvers may have strong, medium, or >>>> weak privacy policies depending on the application. Privacy policies for >>>> these servers may or may not be available and users need to be aware that >>>> privacy guarantees will vary with each application. >>>> >>>> For users to have the ability to inspect and control the >>>> application-specific DNS settings in a similar fashion to the OS DNS >>>> settings, each application must also: >>>> >>>> o expose the default settings to the user >>>> >>>> o provide configuration options to manually override the default >>>> settings >>>> >>>> o provide configuration options to always use the system resolver" >>>> >>> >>> This last point is wrong. The parallel here would be to use the *network >>> provided* resolver, not the system resolver. I would suggest that you be >>> less prescriptive about this and just say "applications will need to >>> provide user-visible options to configure the resolver." I would avoid >>> "must" (even in lower case) because this is a statement of fact, not a >>> normative one. >>> >> > >> No, system resolver is accurate. In addition to not knowing what possible >> resolver is offered by DHCP, the application can't know if DHCP (i.e. >> network provided) is even being used -- the system could be using a static >> choice of resolver, or even other non-DNS resolution services (e.g. NIS+). >> > > It turns out that there are at least three options here: > > - Select your own resolver > - Select the resolver *configured into the system* (AIUI this is what > Chrome does). > - Use the system resolver via the conventional API calls. > > > Suggest: > > "For users to have the ability to inspect and control the > application-specific DNS settings in a similar fashion to the OS DNS > settings, each application also needs to: > > o expose the default settings to the user > > o provide configuration options to manually override the default > settings so that resolution is performed via > * user specified resolvers > * the resolvers configured into the system settings > * the system resolver via conventional API calls > > If all such applications are updated to use the system resolver, as > described in the last bullet point, the device reverts to a single point of > control for all DNS queries." > Hmm.... this seems unduly prescriptive. Perhaps. For users to have the ability to inspect and control the application-specific DNS settings in a similar fashion to the OS DNS settings, each application also needs to expose the default settings to the users and provide a configuration interface to change them. If this interface includes a setting to use the system resolver, then the device can be reverted to a single point of control for all DNS queries. I think this removes the status quo bias. That said, I'd like to hear from people who implement their own resolver even for Do53. I know Chrome does this and I believe it's quite common for SIP stacks due to performance concerns with the system resolver. -Ekr > Sara. > > > -Ekr > > >> Brian >> >>> >>>> >>>> >>>> >>>>> The point in section 3.5..1.1.2 terms of privacy considerations is >>>>> that any application that uses an application specific DNS setting >>>>> introduces another control point on the device for the DNS resolution >>>>> setting (which with the current offerings is independent of the network >>>>> used), and if or how that is exposed is entirely up to the application. I >>>>> suggest adding this text at the start of the second paragraph: >>>>> >>>>> "Such application-specific settings introduce new control points on >>>>> end user devices for DNS resolution settings in addition to the >>>>> historically used system settings." >>>>> >>>> >>>> Well, I suppose this is true, but it's also true of (for instance) >>>> allowing the user to set a proxy, which we've done forever. >>>> >>>> >>>> >>>>> >>>>> S 3.5.1.1.2. >>>>> > >>>>> > Application-specific changes to default destinations for users' >>>>> DNS >>>>> > queries might increase or decrease user privacy - it is highly >>>>> > dependent on the network context and the application-specific >>>>> > default. This is an area of active debate and the IETF is >>>>> working on >>>>> > a number of issues related to application-specific DNS settings. >>>>> >>>>> This, too, could be said about the current situation. >>>>> >>>>> >>>>> See above. >>>>> >>>> >>>> And my response above.. >>>> >>>> -Ekr >>>> >>>> >>>>> Sara. >>>>> >>>>> >>>>> On Mon, Jan 20, 2020 at 1:47 PM Eric Vyncke (evyncke) < >>>>> evyncke@cisco.com> wrote: >>>>> >>>>>> Thanks to Sara and Stéphane for the -04 revised I-D. >>>>>> >>>>>> After reading the -04, I think that most of the IETF Last Call >>>>>> comments are addressed (and consensus needs to be balanced -- even for >>>>>> informational document) and that the document sticks to facts. >>>>>> >>>>>> But, as section 3.5.1 ("in the recursive resolvers") raised a lot of >>>>>> discussions during the first IETF Last Call, and as the authors reacted to >>>>>> those comments by deep changes in the text, let's have a new IETF Last Call >>>>>> before proceeding with IESG evaluation. >>>>>> >>>>>> Again, thank you to the reviewers and the authors >>>>>> >>>>>> Regards, >>>>>> >>>>>> -éric >>>>>> >>>>>> >>>>>> On 20/01/2020, 22:34, "IETF Secretariat" < >>>>>> ietf-secretariat-reply@ietf.org> wrote: >>>>>> >>>>>> IESG state changed: >>>>>> >>>>>> New State: Last Call Requested >>>>>> >>>>>> (The previous state was Waiting for AD Go-Ahead::AD Followup) >>>>>> >>>>>> The previous last call raised several points. The authors have >>>>>> worked on those points and this new informational IETF draft has >>>>>> substantive changes; enough to go trigger a new IETF Last Call. >>>>>> >>>>>> -éric >>>>>> >>>>>> Datatracker URL: >>>>>> https://datatracker.ietf.org/doc/draft-ietf-dprive-rfc7626-bis/ >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> dns-privacy mailing list >>>>>> dns-privacy@ietf.org >>>>>> https://www.ietf.org/mailman/listinfo/dns-privacy >>>>>> >>>>> >>>>> _______________________________________________ >>>> dns-privacy mailing list >>>> dns-privacy@ietf.org >>>> https://www.ietf.org/mailman/listinfo/dns-privacy >>>> >>>> >>>> >>>> _______________________________________________ >>> dns-privacy mailing list >>> dns-privacy@ietf.org >>> https://www.ietf.org/mailman/listinfo/dns-privacy >>> >> >
- [dns-privacy] Datatracker State Update Notice: <d… IETF Secretariat
- Re: [dns-privacy] Datatracker State Update Notice… Eric Vyncke (evyncke)
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Stephen Farrell
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Jim Reid
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Tony Finch
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Eric Orth
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Orth
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] [EXT] Re: Datatracker State Upd… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Vyncke (evyncke)
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Eric Rescorla
- Re: [dns-privacy] Datatracker State Update Notice… Sara Dickinson
- Re: [dns-privacy] Datatracker State Update Notice… Christian Huitema
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Stephane Bortzmeyer
- Re: [dns-privacy] Datatracker State Update Notice… Stephane Bortzmeyer
- Re: [dns-privacy] Datatracker State Update Notice… Ben Schwartz
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… Vittorio Bertola
- Re: [dns-privacy] Datatracker State Update Notice… S Moonesamy
- Re: [dns-privacy] Datatracker State Update Notice… Andrew Campling
- Re: [dns-privacy] Datatracker State Update Notice… Andrew Campling
- Re: [dns-privacy] Datatracker State Update Notice… Christian Huitema
- Re: [dns-privacy] Datatracker State Update Notice… Brian Dickson
- Re: [dns-privacy] Datatracker State Update Notice… Rob Sayre