Re: [DNSOP] [Ext] Re: New draft for consideration:

Warren Kumari <warren@kumari.net> Sun, 24 March 2019 11:48 UTC

Return-Path: <warren@kumari.net>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BF091310FC for <dnsop@ietfa.amsl.com>; Sun, 24 Mar 2019 04:48:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f6jauW73hTHh for <dnsop@ietfa.amsl.com>; Sun, 24 Mar 2019 04:48:11 -0700 (PDT)
Received: from mail-qk1-x734.google.com (mail-qk1-x734.google.com [IPv6:2607:f8b0:4864:20::734]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4EF531310A2 for <dnsop@ietf.org>; Sun, 24 Mar 2019 04:48:11 -0700 (PDT)
Received: by mail-qk1-x734.google.com with SMTP id g1so3756424qki.5 for <dnsop@ietf.org>; Sun, 24 Mar 2019 04:48:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kjYUaYA+kybgBFmyfJ5AJt3OocfOstKxReL1hdCJE54=; b=JNGPPI59CQ95rA6SSf2poIpil43+c3FIbc2Cve95ORG1H6DEkSjt1z/+63TXoYu9n/ ufRqCYpoggGAL61ggi5LbL1RaSJHlGdlYYZLG1kG+OWQ2/IIw/hHJ1J8pD4e7jD2Ydm4 E/hGJO+T0yYSs9OHK5c3cTFoq+UtC6m9N8MyNwMGkzsZAopGQ/fYPcW+JYPB4UQudn8x Q6+iodsIvYKFQ6odi6rM20zCvvNyfEkx9qyLwkv5vUVHLNYa/X4FqQh7J9PJQH7mAduN pgDGMOFsvua78M28uWClK0HuKjx6YgTUvz4vUXXoaqq3UtNLvaMs2MbDhgkCA+TpQXOY olQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kjYUaYA+kybgBFmyfJ5AJt3OocfOstKxReL1hdCJE54=; b=NCnCZNjPmVTwiAkn8Pb+VK9sZf8z+7fwOLvuoTrHltNaY6FocHxAk+F/5xYMeLLiD5 gXFYoyrzCjFhsHp03Z1FBC0HsYQaoHVx20VqE/0vKC0aloOJaXduNADJbgJbhVwuvyX+ RO/RxvBP6c/MvrSqQEd7UsNWy3QMWUO9DFCFynQJdH0Bw2ENHKv5haRpdUrWcOXQxdab +z4VuQTpsogqu36UWIUfsL/J+mDJyNpRtbtxe/cBDrOobwpsLk1VmBnThsql4Zwp2IFy DbW17bcblE/9eoFuz2DJpqaEiN1tzHyr0yl++wuhgq9FlUWB4NUkLci052IXVhWI3uCW zkpg==
X-Gm-Message-State: APjAAAUtZcK25/Qgy3nMgd8PoBlqwGklJFLDWxqHUjYccilK6D924DA6 02sMCQkY5okHjEIqs5YiEpXo/cQGMKWrHJ84AC0XHQ==
X-Google-Smtp-Source: APXvYqyOmtcjZNXLYDtjsg1LGxhR+TbghLIsAaAvapVrgjv4JDOck2/qbsNcJYpuDGGa/1BrUGqtru3EVUbnIT98/FE=
X-Received: by 2002:a05:620a:1008:: with SMTP id z8mr7980696qkj.264.1553428090141; Sun, 24 Mar 2019 04:48:10 -0700 (PDT)
MIME-Version: 1.0
References: <E2267015-0A5F-4D6E-85F0-3FA93348CA79@icann.org> <20190324101805.GA22597@server.ds9a.nl> <6893EFA4-F413-4C11-828A-13E942AA345C@icann.org>
In-Reply-To: <6893EFA4-F413-4C11-828A-13E942AA345C@icann.org>
From: Warren Kumari <warren@kumari.net>
Date: Sun, 24 Mar 2019 12:47:32 +0100
Message-ID: <CAHw9_iJEmfY36RU3z80uTdPXQ0EKRnd2Gn=YJphZiFM1K0d8fw@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: bert hubert <bert.hubert@powerdns.com>, dnsop <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007f55100584d5a917"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/weREJQbSlfxqiSypjDE81XbWabs>
Subject: Re: [DNSOP] [Ext] Re: New draft for consideration:
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 24 Mar 2019 11:48:19 -0000

On Sun, Mar 24, 2019 at 11:46 AM Paul Hoffman <paul.hoffman@icann.org>;
wrote:

> On Mar 24, 2019, at 11:18 AM, bert hubert <bert.hubert@powerdns.com>;
> wrote:
> > It may be good to add a note that "DoH is the protocol as defined in
> > [RFC8484]. The operation of this protocol by browser vendors and cloud
> > providers is frequently also called 'DoH'. DoH-the-protocol is
> > therefore frequently conflated with DoH being used to perform
> > DNS lookups in a different fashion than configured by the network
> settings
> > (see DaT and DaO)."
>
> A much better outcome would be that people who are saying DoH when they
> mean DaT or DaO would use the new terms. That is, this is a forward-looking
> document because we're making up new terms.
>

<no hats>
This is likely to be an annoying comment, but I don't really like the DaO
"acronym", simply because I'm not sure how people will pronounce it -- I
could see people mishearing "DaO" as "DoH", or the other way round --
unfortunately I don't have a better suggestion. Is it just me who has this
issue?

</no hats>
W



>
> > Secondly, I understand the technical need for the wording of the
> definition
> > of DaO.  But I had to read this all a few times before I understood that
> > 'DaO' includes what I've referred to as DoC (DNS over Cloud). I think
> > definitions should be easy to understand because otherwise they don't
> > function.
>
> I fully agree; proposed changes to this wording are quite welcome. It's a
> new term, after all.
>
> > I'm also not too hot for conflating "user consciously changes
> > /etc/resolv.conf or equivalent" with "application makes the choice for
> the
> > user".
>
> The split here is more "someone changes from traditional without the user
> knowing, when the user cares". If you have a better way to express that,
> that would be great.
>
> > Perhaps we should talk about 'Per-application stubs'? Because this is the
> > nub.
>
> Maybe, but I'm hesitant to make the break that way because some
> applications' stubs use the traditional resolver, others don't. I would be
> hesitant to conflate those two.
>
> > I'm willing to write text once we have discussed this a bit.
>
> Thanks!
>
> --Paul Hoffman
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>


-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf