Re: [DNSOP] [hrpc] Proposal for a side-meeting on services centralization at IETF 104 Prague

"Ralf Weber" <dns@fl1ger.de> Thu, 14 March 2019 15:17 UTC

From: Ralf Weber <dns@fl1ger.de>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Ted Lemon <mellon@fugue.com>, Vittorio Bertola <vittorio.bertola@open-xchange.com>, doh@ietf.org, dnsop@ietf.org, Paul Vixie <paul@redbarn.org>, hrpc@irtf.org, dns-privacy@ietf.org
Date: Thu, 14 Mar 2019 11:17:23 -0400
Message-ID: <7E3A5551-DADE-4C20-A9C3-CE72CEC0023E@fl1ger.de>
In-Reply-To: <6a6b463c-0e67-c0cd-ca12-ea3dd298c401@cs.tcd.ie>
References: <20190311170218.o5hitvysuefhjjxk@nic.fr> <1829067625.16839.1552327024048@appsuite.open-xchange.com> <20190312090142.s32hdimbozsrbovt@nic.fr> <2044747.4WdMZHU4Qz@linux-9daj> <D97261BB-1D62-400F-8EBD-886B5BA586BD@fugue.com> <897EAAF7-0EF8-484A-B785-E4C46FCFA87F@fl1ger.de> <6a6b463c-0e67-c0cd-ca12-ea3dd298c401@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/gaoCeJ703AAn9qCloHX-L1l1jXk>
Subject: Re: [DNSOP] [hrpc] Proposal for a side-meeting on services centralization at IETF 104 Prague

Moin!

On 14 Mar 2019, at 10:53, Stephen Farrell wrote:
> On 14/03/2019 14:41, Ralf Weber wrote:
>> the DoH protocol caused some application providers to experiment with
>> switching resolution per default away from OS and the local network provider
>
> I wasn't aware that some application provider was doing this
> as their default (assuming that's what "per default" means).
> Can you provide details?
The experiment Mozilla did switched these 25000 users to use DoH and
gave that option as the default option:
	https://blog.nightly.mozilla.org/2018/08/28/firefox-nightly-secure-dns-experimental-results/

> I am aware of what FF/CF have done but I don't believe that
> was on by default.
It was only for nightly users and only for users that have opted in for
experiments, but it still IMHO gave a bad impression, as it was viewed
by many as a plan to send all future DNS traffic to Cloudflare.

I still think giving a singular known option as it is the case currently if
you click the DNS over HTTPS button in Firefox is a bad idea, but at least
it is off per default.

So long
-Ralf
--
Ralf Weber