IETF Logo Mail Archive

Re: [DNSOP] [dns-privacy] FW: New Version Notification for draft-pan-dnsop-edns-isp-location-00

Brian Hartvigsen <bhartvigsen@opendns.com> Mon, 20 March 2017 19:34 UTC

Return-Path: <bhartvigsen@opendns.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FCD612951D for <dnsop@ietfa.amsl.com>; Mon, 20 Mar 2017 12:34:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=opendns.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tD03HoNk6LGy for <dnsop@ietfa.amsl.com>; Mon, 20 Mar 2017 12:34:05 -0700 (PDT)
Received: from mail-pg0-x230.google.com (mail-pg0-x230.google.com [IPv6:2607:f8b0:400e:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E22C1294C1 for <dnsop@ietf.org>; Mon, 20 Mar 2017 12:34:05 -0700 (PDT)
Received: by mail-pg0-x230.google.com with SMTP id n190so82176423pga.0 for <dnsop@ietf.org>; Mon, 20 Mar 2017 12:34:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=opendns.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=o5E1eKJ8cVhenND3c7UuTt7OAmS4li6uO2N+YQ6j8hk=; b=X84FsEuLAQ5VbMk1NQ9a+92JvHpGeppDw6cwpO2xXpF7W+L/GhotsTZ9Gr7wL4XFkn doT92klsBVCfYxXYrVrI1O7Jzm5HbEfdv7i8N+pj9xODnPxGeNga1/RZxyW4GOQ417dd NnfE7f0FSpkiLR+TXbngas4MyNwz+xJPf/pAc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=o5E1eKJ8cVhenND3c7UuTt7OAmS4li6uO2N+YQ6j8hk=; b=pXIOWq6U4PaoUR301f+DU5TE3iwexxToD6z5cXOl14CWZsrbLRYz+yvgqm2nLKmoDP 4FFePmZNHAxIXgFEv0fOJSfSztZWXi5IE6PzWudgRYMqQgixBxly0fKKAFfCDLMmMW+y hEuNpQj98i9MXNsBlSBmEC6rcRSR8EAmL6h3P+Js+t4RgWQaZ/FpoyyfhOINmwJjTCnY obnPwxRUWmQXa/doJ6HsJRj6KYZSshqudMBl7AK8OU7ooXor8NhUHb1YqWJkAU0hsIsC hnfl7fn11EA9ONw8Tn13x0xkLRtuJ1Fvnx+tUkX019ocV/s/oZVqVUoDvoGVrW+KeHBq pksQ==
X-Gm-Message-State: AFeK/H2d/c0tJ2dPjV3OVIZtkmMvesLebwM7t8ptJxgKm/jYY5cDWTXEofNgYzNDxXbPcEvz
X-Received: by 10.98.37.69 with SMTP id l66mr25425057pfl.156.1490038444980; Mon, 20 Mar 2017 12:34:04 -0700 (PDT)
Received: from brians-air-2.local (24-116-170-61.cpe.cableone.net. [24.116.170.61]) by smtp.gmail.com with ESMTPSA id g27sm34793392pfk.95.2017.03.20.12.34.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 20 Mar 2017 12:34:04 -0700 (PDT)
From: Brian Hartvigsen <bhartvigsen@opendns.com>
Message-Id: <48FEB26B-8B76-4548-8F72-F907C81C65A6@opendns.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_853CB6D8-4E7F-4406-AE84-BE30EAF85171"; protocol="application/pgp-signature"; micalg="pgp-sha512"
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Date: Mon, 20 Mar 2017 13:34:02 -0600
In-Reply-To: <df8da203-6fbc-02d9-7876-e220f2bbe884@nic.cz>
Cc: Lanlan Pan <abbypan@gmail.com>, Barry Raveendran Greene <bgreene@senki.org>, "fuyu@cnnic.cn" <fuyu@cnnic.cn>, dns-privacy@ietf.org, dnsop <dnsop@ietf.org>
To: Petr Špaček <petr.spacek@nic.cz>
References: <000f01d29dfe$50b6b190$f22414b0$@cn> <CANLjSvXGO3rSpqb7hzwmV=vfm=UTHnQYqfBmt=uD9Mi8cL59Jg@mail.gmail.com> <16B293AD-27A2-4A6D-8A96-7CD847B59708@senki.org> <CANLjSvUJfU1cafGXHyg=DuCnhm09mBm5z4ve2_g6j2ONgt2tRQ@mail.gmail.com> <df8da203-6fbc-02d9-7876-e220f2bbe884@nic.cz>
X-Mailer: Apple Mail (2.3259)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/vPgH56bLEoH8Y-LVDfGSwtoW5_8>
Subject: Re: [DNSOP] [dns-privacy] FW: New Version Notification for draft-pan-dnsop-edns-isp-location-00
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Mar 2017 19:34:07 -0000

>> For user privacy concern, we can revise  ECS(114.240.0.0/24
>> <http://114.240.0.0/24>) => EIL (CHINA, BEIJING, UNICOM),give a
>> tradeoff between privacy and precise.
> 
> Nice, this sounds like appropriate tradeoff to me.
> 
> 
> Side-effect of this is that it removes need to maintain copies of
> various Geo-IP databases all over the place, which is an improvement to
> operational practice.

I disagree.  Unless you get the clients to implement EIL, then you’ve simply just pushed the need for geo-ip mapping from CDN to DNS provider.  Of course one would assume that an ISP already has this mapping, but 3rd party DNS would not.  So either they have to build the mappings,  maintain a copy of some Geo-IP database, or hope that all the clients have it implemented.  With 3rd party DNS carrying double digit percentages of traffic (iirc ~15% total from 2015 OARC presentation), that’s not something to just brush away.

— Brian

v2.40.4 | Report a Bug | By Email | System Status