Re: [dnsext] Re: Privacy vs EDNS Client IP...

Paul Vixie <vixie@isc.org> Wed, 03 February 2010 13:45 UTC

From: Paul Vixie <vixie@isc.org>
To: namedroppers@ops.ietf.org
Date: Wed, 03 Feb 2010 13:38:01 +0000

> Date: Wed, 3 Feb 2010 09:35:52 +0000
> From: Wilmer van der Gaast <wilmer@google.com>
> 
> How is the /24 of the (probably heavily NATted) external IP address of a
> hotel you're staying at possibly showing up in packets going to
> authorities a privacy concern?

"your honour, someone in that hotel bought the hashish (exhibit A) over the
internet the night that the defendant was a guest there.  we have records
showing that there were only two other guests, and sworn affidavits from
each of those guests that they do not own or use laptop computers.  the
hotel's own computers are not behind the same NAT as the guests.  so even
though the hashish dealer's web site records show only ToR connections that
night, we have a record of a DNS transaction for that hashish dealer's
address record from that hashish dealer's outsourced DNS provider."

you may think it's silly that most examples of "how could this violate my
privacy" are of illegal activities which the internet ought probably not
support in any case.  substitute the jailing of a dissident if you wish.

i think it's silly that we're circling the wagons on privacy when there are
other better reasons to label this proposal a Really Bad Idea.  are we even?