Re: [DNSOP] EDNS0 clientID is a wider-internet question

Robert Edmonds <edmonds@mycre.ws> Tue, 25 July 2017 20:42 UTC

Return-Path: <edmonds@mycre.ws>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BAA0D131EF1 for <dnsop@ietfa.amsl.com>; Tue, 25 Jul 2017 13:42:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wuLP61N0o5zu for <dnsop@ietfa.amsl.com>; Tue, 25 Jul 2017 13:41:59 -0700 (PDT)
Received: from mycre.ws (mycre.ws [45.33.102.105]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FE8B131EE7 for <dnsop@ietf.org>; Tue, 25 Jul 2017 13:41:59 -0700 (PDT)
Received: by chase.mycre.ws (Postfix, from userid 1000) id 6A31B12C1466; Tue, 25 Jul 2017 16:41:58 -0400 (EDT)
Date: Tue, 25 Jul 2017 16:41:58 -0400
From: Robert Edmonds <edmonds@mycre.ws>
To: dnsop@ietf.org
Message-ID: <20170725204158.isyxgyb7l5d5degr@mycre.ws>
References: <CAKr6gn1mZ7VTfM_wtpFX-G95wg-bWRA_YciZScFvr-YX8eYdWg@mail.gmail.com> <CAPt1N1nutxneiZg1JR90O5vRXVs+0WHvRtHpwCRyn4bXpf6g4A@mail.gmail.com> <CAL9jLaZrsiGZUPJzT1bZG-K2mTt3wP=x05-_Qp=rRh8uaBjS4g@mail.gmail.com> <5D73941C-B108-4A14-AEE5-7A28BCA94373@nohats.ca> <8d27cf2a-a883-7186-11bb-eeacd0bce68c@eff.org> <5976FC55.10301@redbarn.org> <alpine.LRH.2.21.1707250412390.19091@bofh.nohats.ca> <59779B68.2000906@redbarn.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <59779B68.2000906@redbarn.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/0v-mkLIJCh84_e_I5EZfeBhIt3s>
Subject: Re: [DNSOP] EDNS0 clientID is a wider-internet question
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jul 2017 20:42:01 -0000

Paul Vixie wrote:
> Paul Wouters wrote:
> > On Tue, 25 Jul 2017, Paul Vixie wrote:
> > 
> > > users believe that the recursive name server operator has aligned
> > > interests, and for that reason one shouldn't say "it's easy to bypass"
> > > but rather "end-user cooperation is required."
> > 
> > So if 8.8.8.8 and your local ISP's nameserver do this to track you, what
> > choice does an average enduser have?
> 
> some of run our own rdns. some use vpn's. some use opendns or similar.

The internet now has billions of users. With the possible exception of
OpenDNS who have gone to admirable lengths to populate their knowledge
base with device-specific configuration instructions [0], I don't think
any of the choices you've listed are available to the "average enduser",
who almost by definition lacks the specialized technical knowledge
needed to select an alternative DNS resolution provider.

[0] https://support.opendns.com/hc/en-us/categories/204012907-OpenDNS-Device-Configuration

-- 
Robert Edmonds