Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertola-bcp-doh-clients

Ted Lemon <> Wed, 03 April 2019 22:34 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DCA171200B3 for <>; Wed, 3 Apr 2019 15:34:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id frRldlKpZn4Q for <>; Wed, 3 Apr 2019 15:34:36 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::82e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F3E151200CC for <>; Wed, 3 Apr 2019 15:34:35 -0700 (PDT)
Received: by with SMTP id x12so998634qts.7 for <>; Wed, 03 Apr 2019 15:34:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1TaShme7v2L4u13PJyl0HdgOygxFuWYEI8cdoFv4IO0=; b=U+cjY8sX2Dv+WRBNx/wt5ZQUAi/rgJ7kRSWX9Bz7QFdif5OXK4d0eB0Q2p2o4pOe4j 613HF3x+xnwgRcbM1iXp44YIajS/gbAHDAFqARHFb0nPeLC0LArjio52H+Njn/529tdq nvGNlQ/skt7QoNkqjP1ahrtMLM0AMlbF4kWVjTvbi2MLM20ksAhrmDtlRTc4zeuAVDQn ICpKs7t5vpZJlDa5SNyefHDj1Cq80VzWFr6Y+m7JejNDJnsqAZkjPetk5tUWzjIDZYA3 w/FnoXMjX1yRzDJ1nGU/EikVJKUGYJ5Jqce5aBjETzrFc+AjHHg4xuiF2+FRns4KK3Yj S7QQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1TaShme7v2L4u13PJyl0HdgOygxFuWYEI8cdoFv4IO0=; b=GkriY5kZzJ5jkkQIVTl8shNZAnwloC4Vv//eQFSaLoVdoWYE4DXRuCBA5IoNktWneO e1xUSrazXzTUtX78KAF0t8NI1UqbSoBD3pYidpd+mDWZzIaUdwvqcDVV7G5mrWqvu0fc IwQfdmlbQJFd+lp4p0ufiwTbL7KEXAVQr033CoPpNMVB8CJ2v3NE3KLhJvj/XF4FGZrN Kab+0UFUWQuHWiTa54d7N7b+X4QOFs+YL223M/1DxmU20FFSmJbiWz6VyA4m2owDP4v1 iYzzfnzqmpt9qHncQ/Q2uyfBkZofpnrvZMPIzTPY1FEig/CH6nRrLfnaCSqQdza9CB/q wXIw==
X-Gm-Message-State: APjAAAVaYAbrV7Vk/6BCZnx0ahgtGjDXcnKkHoFHgpopq1/4eimJFFSc EsIvp7O+3ZBJzzEpnTYgbcnj4ZkqUOp8aElsGS+uuN9x
X-Google-Smtp-Source: APXvYqwaVtmlZAvk53QhSJX86eZBqlkV24DXRH7k51M4Jat9u3eiD8i+brS6leUeD5vVWypYixxnx1sd1xrbMUJvC8E=
X-Received: by 2002:ac8:367d:: with SMTP id n58mr2432694qtb.260.1554330874945; Wed, 03 Apr 2019 15:34:34 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <> <4935758.NkxX2Kjbm0@linux-9daj> <> <> <> <>
In-Reply-To: <>
From: Ted Lemon <>
Date: Wed, 3 Apr 2019 18:34:21 -0400
Message-ID: <>
To: Paul Vixie <>
Cc: Christian Huitema <>, Vittorio Bertola <>,
Content-Type: multipart/alternative; boundary="000000000000aa4b760585a7dbd1"
Archived-At: <>
Subject: Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertola-bcp-doh-clients
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 03 Apr 2019 22:34:39 -0000

Paul, it might be worth asking whether you believe that isps should be
selling eyeballs. If you think they should, then your argument makes sense.
It’s the same argument isps give for charging me for service and then
charging Netflix for access to me.

If you don’t agree with this model, then your argument that whoever built
the network has the right to dictate terms is inconsistent.

On Wed, Apr 3, 2019 at 15:26 Paul Vixie <> wrote:

> i had to think about this for quite a long time. i've trimmed the cc
> headers.
> Christian Huitema wrote on 2019-03-12 20:39:
> >
> > On 3/12/2019 7:56 PM, Vittorio Bertola wrote:
> >> ...
> >
> > The mirror image of that statement is, "when did intermediaries get
> > a mandate to filter content?"
> it was rarely a mandate, though various governments have made it one for
> various intermediaries. let me answer a different question, when did
> intermediaries gain the right or responsibility or both for filtering
> content? because that answer is simple: when they started building and
> operating it, investing in it, and either profiting or losing from it.
> their networks, their rules. which is only potentially unfair when they
> are also monopolies, in which case their end systems and edge networks
> have no alternatives. the law may want to recognize when a monopoly
> exists and set some minimums and maximums on intermediary operator
> rights and responsibilities. but that's not an architecture question.
> > ... The internet architecture assumes full connectivity. At some
> > point, people deployed middle-boxes and filtered content because
> > they could.
> as seems natural, since the internet architecture is neither viral nor
> communist, and anyone who connects a network to that network-of-networks
> called "the internet" has always treated all policy as local, since all
> responsibility for its emissions and uptime was theirs and only theirs.
> > They did not exactly try to get a mandate, or obtain consensus that
> > this was proper.
> no consensus was needed. if someone broke your rules, you stopped them
> or disconnected them. that was true for the NSFnet AUP, and it's true of
> every network's AUP today, and every corporate or family network's policy.
> > Technologies like DoH force the discussion in the open. Why do you
> > think you can filter content? Who made you king?
> i think that's hyperbole. i am at best a prince, and only of the
> territory i personally pay to build and connect, and only in the eyes of
> people who use my network. anyone who dislikes my rules can search for
> some other internet-connected network whose rules they like better. this
> is not a dictatorship, but certainly is a coalition of the willing.
> --
> P Vixie
> _______________________________________________
> DNSOP mailing list