Re: [DNSOP] [External] Re: Re: Fwd: [Add] new draft: draft-grover-add-policy-detection-00
"Andrew M. Hettinger" <AHettinger@Prominic.NET> Mon, 15 July 2019 17:43 UTC
Return-Path: <AHettinger@Prominic.NET>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 278201200FB; Mon, 15 Jul 2019 10:43:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mw0oFqLRobCA; Mon, 15 Jul 2019 10:43:11 -0700 (PDT)
Received: from dispatch1-us1.ppe-hosted.com (dispatch1-us1.ppe-hosted.com [148.163.129.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 358F51200A1; Mon, 15 Jul 2019 10:43:11 -0700 (PDT)
X-Virus-Scanned: Proofpoint Essentials engine
Received: from domino-42.prominic.net (domino-42.prominic.net [199.103.3.42]) by mx1-us5.ppe-hosted.com (PPE Hosted ESMTP Server) with ESMTP id C3C12800058; Mon, 15 Jul 2019 17:43:09 +0000 (UTC)
In-Reply-To: <b109c871-5980-1599-4e6c-2a126da89519@mozilla.com>
References: <CAChr6SyVmgMpD6Cd=m2Z03nts-Bv9ZVgJkG8oaj_jzwYMUZuCg@mail.gmail.com> <4966582.gC1Lsr5W4Z@linux-9daj> <CAChr6SyapDz8ZKNU8nOuncPMWajBuE+eF3WMFP9GWAs+B-uP9g@mail.gmail.com> <3220557.rvQTihJl8x@linux-9daj> <CAChr6SyM3LSgAdu5+SJGq-n=+AZc7M44BVSru_EZgf9svBHo3w@mail.gmail.com> <OF8D4BE6E1.0CDB3E8E-ON86258438.005BC3BC-86258438.005CDBC6@prominic.net> <b109c871-5980-1599-4e6c-2a126da89519@mozilla.com>
X-KeepSent: BAD4128C:54A606EC-86258438:00605B71; type=4; name=$KeepSent
To: Peter Saint-Andre <stpeter@mozilla.com>
Cc: dnsop@ietf.org, DNSOP <dnsop-bounces@ietf.org>, Paul Vixie <paul@redbarn.org>, Rob Sayre <sayrer@gmail.com>
X-Mailer: IBM Notes Release 9.0.1 October 14, 2013
Message-ID: <OFBAD4128C.54A606EC-ON86258438.00605B71-86258438.006155CE@prominic.net>
From: "Andrew M. Hettinger" <AHettinger@Prominic.NET>
Date: Mon, 15 Jul 2019 12:43:08 -0500
X-MIMETrack: Serialize by Router on domino-42.prominic.net/PNI(Release 10.0.1|November 29, 2018) at 07/15/2019 12:43:09 PM
MIME-Version: 1.0
Content-type: multipart/alternative; Boundary="0__=09BB0EABDFF3DDE18f9e8a93df938690918c09BB0EABDFF3DDE1"
Content-Disposition: inline
X-MDID: 1563212590-HRyVNVgPzfSb
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/BpYzRMD_QzUoGqSXRVGYfzpxiPY>
Subject: Re: [DNSOP] [External] Re: Re: Fwd: [Add] new draft: draft-grover-add-policy-detection-00
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 17:43:14 -0000
"DNSOP" <dnsop-bounces@ietf.org> wrote on 07/15/2019 12:18:15: > From: "Peter Saint-Andre" <stpeter@mozilla.com> > To: "Andrew M. Hettinger" <AHettinger@Prominic.NET>, "Rob Sayre" > <sayrer@gmail.com> > Cc: dnsop@ietf.org, "Paul Vixie" <paul@redbarn.org>, "DNSOP" <dnsop- > bounces@ietf.org> > Date: 07/15/2019 12:18 > Subject: [External] Re: [DNSOP] Re: Fwd: [Add] new draft: draft- > grover-add-policy-detection-00 > Sent by: "DNSOP" <dnsop-bounces@ietf.org> > > On 7/15/19 10:54 AM, Andrew M. Hettinger wrote: > > > Arguably there's actually a decrease in security over DoT as, rather > > then your network provider being the one who knows what DNS lookups > > you're doing, now some third party with whom you have no relationship. > > You, as a lone user, have zero leverage with your network provider. > Firefox or Chome or Safari (etc.), as the user agent for millions of > people, can exercise more leverage and also enter into contractual > agreements with trusted recursive resolvers. That seems like a promising > avenue to explore. > > > Let's be clear, "some third party" is pronounced "Cloudflare." This > > isn't to bash on Cloudflare, but everyone's DNS traffic going to ONE > > company? > > Mozilla's intent is to deploy a set of trusted recursive resolvers, as > Ekr explained back in March on the DoH list: > > https://mailarchive.ietf.org/arch/msg/doh/po6GCAJ52BAKuyL-dZiU91v6hLw > > But these topics might be more appropriate for the ADD list... > > Peter > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop I, as a lone user have even LESS leverage over Cloudflare, or the Mozilla Foundation, to whom I am not even a customer. More disturbingly, the Mozilla Foundation is a US corporation, subject to (gagged) FISA warrants. Considering one of the biggest surveillors in the world is the US government, surely you can see how maybe concentrating all the DNS traffic into the hands of a single US corporation (the Mozilla Foundation) might not be the greatest plan. Andrew Hettinger http://Prominic.NET | Skype: AndrewProminic Tel: 866.339.3169 (toll free) -or- 1.217.356.2888 x. 110 (int'l) Fax: 866.372.3356 (toll free) -or- 1.217.356.3356 (int'l)
- [DNSOP] Fwd: [Add] new draft: draft-grover-add-po… Andy Grover
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Paul Vixie
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Rob Sayre
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Paul Vixie
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Rob Sayre
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Paul Vixie
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Rob Sayre
- Re: [DNSOP] [Add] new draft: draft-grover-add-pol… David Conrad
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Paul Vixie
- Re: [DNSOP] [External] Re: Fwd: [Add] new draft: … Andrew M. Hettinger
- Re: [DNSOP] [External] Re: Fwd: [Add] new draft: … Peter Saint-Andre
- Re: [DNSOP] [External] Re: Re: Fwd: [Add] new dra… Andrew M. Hettinger
- Re: [DNSOP] [External] Re: Fwd: [Add] new draft: … Rob Sayre
- Re: [DNSOP] [External] Re: Fwd: [Add] new draft: … Andy Grover
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Rob Sayre
- Re: [DNSOP] [External] Re: Fwd: [Add] new draft: … Rob Sayre
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Eric Rescorla
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Rob Sayre
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Alejandro Acosta
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Tommy Jensen
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Rob Sayre
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Eric Rescorla
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Rob Sayre
- Re: [DNSOP] Fwd: [Add] new draft: draft-grover-ad… Tommy Jensen
- Re: [DNSOP] [Add] [Ext] new draft: draft-grover-a… Rob Sayre
- Re: [DNSOP] [Add] [Ext] new draft: draft-grover-a… Paul Hoffman
- Re: [DNSOP] [Add] [Ext] new draft: draft-grover-a… Rob Sayre