Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertola-bcp-doh-clients

Brian Dickson <brian.peter.dickson@gmail.com> Wed, 13 March 2019 21:06 UTC

From: Brian Dickson <brian.peter.dickson@gmail.com>
Date: Wed, 13 Mar 2019 14:06:13 -0700
Message-ID: <CAH1iCipZf8y-Tm63TgfupZjDEnVsmpKXW+9QuinD5a85m59Lww@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Christian Huitema <huitema@huitema.net>, "dnsop@ietf.org" <dnsop@ietf.org>, "Livingood, Jason" <Jason_Livingood@comcast.com>, "doh@ietf.org" <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/LZfDRyp2QDPPnVXtGSyWlnOwoW4>
Subject: Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertola-bcp-doh-clients
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

On Wed, Mar 13, 2019 at 1:43 PM Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
> (dropping dprive list at WG chair request)
>
> Hiya,
>
> On 13/03/2019 20:29, Brian Dickson wrote:
> > The starting place for the conversation needs to acknowledge this, and
> > accommodate it. It is entirely possible that a DoH client that doesn't do a
> > minimum level of getting user acknowledgement before violating policies,
> > laws, or contracts, might itself be illegal in some jurisdictions
> > (jurisdictions that could include some US states, some western countries,
> > some larger entities like EU, etc.).
>
> I almost agreed with you that people need to ack others'
> priorities. But the above means I can't agree with your
> mail as "might be illegal" is vastly overstated, there
> being no relevant difference between DoT and DoH clients
> in this respect.


You are correct, on the difference issue.

This is about the base requirements, even if they are not different between
DoH and DoT.
And I agree, both DoH and DoT would need to meet the same set of
requirements wrt contracts, laws, informed users, and everything.

I don't believe I am overstating the issue, at least in some places.
E.g. I am not aware of any place where an end user can modify an EULA, sign
it, and have that legally binding. Doing DoH/DoT in any such environment
where the Ts & Cs prohibit their use, would at least be a contract
violation. Things like DMCA and its ilk might raise the software to the
level of "illegal" rather than just a contract violation by a user.


> Such overstatement doesn't help and merely
> makes it more likely that some of the reasonable points
> you make will just get lost in the noise (IMO anyway).
>
> The same goes for talk of "wars" btw.
>

Yeah, that's not one term I have used, but I agree.

Brian