Re: [dns-privacy] Datatracker State Update Notice: <draft-ietf-dprive-rfc7626-bis-04.txt>

[Andrew Campling <andrew.campling@419.consulting>]

At 13 May 2020 18:10, S Moonesamy <sm+ietf@elandsys.com> wrote:



>Hi Ben,

>At 08:12 PM 12-05-2020, Ben Schwartz wrote:

>>That seems quite contentious to me.  Decentralization of the DNS is

>>_also_ a privacy threat: running your own recursive leaks your IP to

>>every authoritative (far worse than ECS!), pinning yourself to a unique

>>recursive makes you uniquely identifiable as you move across the

>>network, and using a recursive whose identity is unknown is obviously a

>>privacy concern.

>

>I commented about "centralization" within the context of IETF work on

>several occasions.  My opinion is likely clouded by past experience.

>With respect to privacy, I spent around two years getting the IESG to

>take it seriously.

>

>From what I recall of what is written in RFCs, DNS is described as a

>distributed database.  There are some advantages of it being distributed,

>or if I may say so, decentralized.  For example, some countries might

>wish to have some degree of control over their ccTLD.  System failures

>do not generally affect a majority of users.

>

>There are obviously privacy implications.  Within an IETF context, it would

>make surveillance easier if everything is one provider.



I note that draft-arkko-arch-infrastructure-centralisation made some helpful observations regarding the dangers of centralisation, with specific points relating to DNS.  It included the following points in the recommendation section: "Where such centralised points are created, they will eventually fail, or they will be misused through surveillance or legal actions regardless of the best efforts of the Internet community.  The best defense to data leak is to avoid creating that data store to begin with".  This seems to be good advice to me.



Andrew