Re: [dnsext] Address privacy (was Re: afasterinternet.com trial and draft-vandergaast-edns-client-subnet-00)

Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp> Tue, 06 September 2011 23:01 UTC


SM wrote:

>> Do you mean that the motivation is to improve TCP performance by
>> reducing TTL and *NOT* to reduce privacy?

> See http://forums.opendns.com/comments.php?DiscussionID=1096 The privacy 
> threads are at 
> http://www.ietf.org/mail-archive/web/dnsext/current/msg06548.html and 
> http://www.ietf.org/mail-archive/web/dnsext/current/msg06577.html

I looked at your referral but can't see any point, which
impresses me that you are trying not to enhance performance
but to reduce users' privacy.

Then, there is no point for IETF to admit such an extension.

Or, if you want to argue something, make your point in your own
words.

> For anyone interested in privacy, there was a position paper submitted 
> by IETF participants ( 
> http://www.w3.org/2010/api-privacy-ws/papers/privacy-ws-32.pdf ).

Isn't it enough that the paper title says "improving privacy
on the Internet", whereas the client subnet option actively
degrades the privacy?

>> Then, as an IP address of "a DNS server (resolver is the
>> correct word, here) that is topologically close to them" is
>> known to OpenDNS and Google Public DNS, why do you have to
>> be bothered by client subnet?
> 
> The authors of draft-vandergaast-edns-client-subnet-00 might point to 
> Section 9.1.

My question is "why do you have to be bothered by client subnet?"
even though there is no need for performance enhancement.

The section of the draft says nothing about it.

						Masataka Ohta