Re: [dns-privacy] Last Call: <draft-ietf-dprive-rfc7626-bis-03.txt> (DNS Privacy Considerations) to Informational RFC

[S Moonesamy <sm+ietf@elandsys.com>]

Hello,

There are currently four (IETF) working groups focused on DNS with 
three of them having privacy as part of their charter.  I read 
draft-ietf-dprive-rfc7626-bis-03 as I was looking for a document 
which might be related to those topics.

Section 1 of the draft has a tutorial of how DNS works.  What is the 
audience for this draft?

Section 3.1 of the draft discusses about the claim that "the data in 
the DNS is public".  The claim is supported [1] by one of the authors 
of the draft.  The draft states that the claim makes sense.  What is 
the meaning of the "data in the DNS"?  Does "is public" mean that the 
"data" is not confidential?

Section 3.2 discusses what a user does and use a DNS query related to 
email as an example.  Is the MUA expected to validated the MX RR or 
is it the role of the MSA?

Section 3.4.1 discusses the lack of confidentiality in the design of 
DNSSEC and equates privacy-aware with "secured against 
surveillance".  Mixing the pervasive monitoring and privacy aspects 
creates ambiguity.  For example, encrypting all the entire DNS 
communication chain with adequate security mechanisms could mitigate 
pervasive monitoring concerns.  However, that does not address 
privacy concerns as there is still entities which are able to collect 
and process those DNS queries for secondary purposes.

The choice of resolvers was previously made by the network on which 
the user was connected.  Recently, the Internet Engineering Steering 
Group approved the standardization of a mechanism so that the choice 
can be made by a web browser.  The data from the DNS query is, with 
some exceptions, automatically transferred to a foreign 
jurisdiction.  The draft mentions in Section 3.5.1.1 that the 
entities running networks might have a strong, medium, or weak 
privacy policy.  However, it misses a crucial aspect  with respect to 
privacy policies, which is the redress mechanism available to the user.

Section 3.5.1.3 states that user privacy can also be at risk if the 
network operator blocks access to some remote recursive server.  It 
could be argued that it might be a filtering (or censorship) 
technique.  However, it does not have an impact on user privacy 
unless there is an identifier which can be traced back to the user.

If I understood Section 3.5.1.5.2. correctly, the move to DNS over 
HTTPS created more privacy issues because HTTPS functionality was 
favored at the expense of privacy.

Section 3.6 of the draft states that the IAB privacy and security 
program has some work in progress.  Given that it has been over four 
years, could an update be provided about that work in progress?

Section 5 discusses legalities within a European Union context and 
concluded that there are no specific laws for DNS data in any 
country.  Did the working group conduct a worldwide study to find 
evidence of that?

Regards,
S. Moonesamy


1. http://r.elandsys.com/r/32470