[dns-privacy] Roman Danyliw's No Objection on draft-ietf-dprive-rfc7626-bis-06: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 07 October 2020 12:44 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: dns-privacy@ietf.org
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 672F73A0B4E; Wed, 7 Oct 2020 05:44:37 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-dprive-rfc7626-bis@ietf.org, dprive-chairs@ietf.org, dns-privacy@ietf.org, Brian Haberman <brian@innovationslab.net>, dns-privacy@ietf.org, brian@innovationslab.net
X-Test-IDTracker: no
X-IETF-IDTracker: 7.19.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <160207467694.16404.609616260393795775@ietfa.amsl.com>
Date: Wed, 07 Oct 2020 05:44:37 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/z_SAN5126583hPtbGeCLZSRpLPo>
Subject: [dns-privacy] Roman Danyliw's No Objection on draft-ietf-dprive-rfc7626-bis-06: (with COMMENT)
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Oct 2020 12:44:37 -0000

Roman Danyliw has entered the following ballot position for
draft-ietf-dprive-rfc7626-bis-06: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)


Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.


The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-dprive-rfc7626-bis/



----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you for responding to the SECDIR review (and thank you to Stephen Farrell
for performing the SECDIR review).

** Section 3.5.1.1.  Per “These resolvers may have strong, medium, or weak
privacy policies …”, what are the dimensions of this Likert-style scale?  I
recommend a simpler sentence -- “… may have varied privacy policies”.

** Section 6.1.1.  Per “All major OS's expose the system DNS settings and allow
users to manually override them if desired”, agreed.  However, in managed
environments, users may not be able to manually override these settings.

** Section 6.1.3.  Per “User privacy can also be at risk if there is blocking
(by local network operators or more general mechanisms) …”, what is a “more
general mechanism”?  Also, "local network operator" describes who is doing the
blocking and "general mechanisms" seems to be describing a technique.

** Section 8.  Editorial.  Per “They are used for many reasons – some good,
some bad.”, I’d recommend against making judgements and stick to a rubric of
operational practices and attacker behavior (say RFC7258).  I’m not sure this
sentence is needed.

Editorial nits

-- ** Section 6.1.1.  Editorial.  s/additionally highly dependent/highly
dependent/

-- Section 12.  Typo. s/apprecriated/appreciated/