Re: [Doh] GDPR and DoH

Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 07 April 2019 14:07 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7EBD120493 for <doh@ietfa.amsl.com>; Sun, 7 Apr 2019 07:07:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H7um0ywK0MPn for <doh@ietfa.amsl.com>; Sun, 7 Apr 2019 07:07:11 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9985F120049 for <doh@ietf.org>; Sun, 7 Apr 2019 07:07:10 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 81B70BE51; Sun, 7 Apr 2019 15:07:07 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fUxNzYeumYAB; Sun, 7 Apr 2019 15:07:05 +0100 (IST)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 4EAF9BE50; Sun, 7 Apr 2019 15:07:05 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1554646025; bh=/8l83PtQHcEAQAQI04Lqc+OoexrXUgZZe/HJV9PNDy0=; h=To:Cc:References:From:Subject:Date:In-Reply-To:From; b=lppZttZuWoBQGQjuaefIvMo9c+tRa5/MfmW6+ZIj8ePUBj4m/ZRHsUXOqfIEAn0Un nBAXrcf8nElB2WCh9YcUn/ZDbwXV74PQD0vJrCbAfR8tzNZnSQH9T/5t6+bVxoIyGZ XlfdvcNmym1CsMNqgVyjZoTrxhSZDNS+uOL6C8Y8=
To: Jim Reid <jim@rfc1035.com>
Cc: DoH WG <doh@ietf.org>
References: <1700920918.12557.1552229700654@appsuite.open-xchange.com> <7667c4d7-2e78-0a27-84af-cf1c00fd4897@cs.tcd.ie> <1991054337.12802.1552259263075@appsuite.open-xchange.com> <eea64b30-aad0-a030-5360-1b1484f1d0e3@huitema.net> <CAPsNn2WhjHSEHJUEL8GB6X0d24fkajgPnY4YgkOQbXjyxb5q8Q@mail.gmail.com> <CACfw2hj07TDCxK9bm0T=JguKyuCEfW2zb_yRJnewjOYL4oxdjA@mail.gmail.com> <CACsn0cmk7NbF+ti0dU7Fp0PK8Gt4P5knC5hrHVLDY59-jaYYzA@mail.gmail.com> <6030358E-24FF-4033-B0A1-AB1123FED964@rfc1035.com> <5ce0d730-aac2-95c9-fead-64cbffa03d52@cs.tcd.ie> <AE840785-E355-4BCA-A9E1-AFFA069D801C@rfc1035.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= mQINBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABtDJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPokCQAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxLkCDQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAYkCJQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <7a8bceaf-b224-257e-52fc-154d45c28305@cs.tcd.ie>
Date: Sun, 7 Apr 2019 15:07:04 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <AE840785-E355-4BCA-A9E1-AFFA069D801C@rfc1035.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="sTboWOgTUTBDW6nzsf5gqkRvgXC1nvZ9Z"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/-mzAqUx1ATiRxD0c6eQ23uT_YPo>
Subject: Re: [Doh] GDPR and DoH
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Apr 2019 14:07:14 -0000

Hiya,

On 07/04/2019 14:33, Jim Reid wrote:
> 
> 
>> On 6 Apr 2019, at 19:53, Stephen Farrell
>> <stephen.farrell@cs.tcd.ie> wrote:
>> 
>> FWIW, I also don't get the GDPR angle here. If it's meant as an
>> issue of consent related to selection of DNS server....
>> 
>> So can you explain the specific GDPR-related issue that you think
>> is relevant?
> 
> Hi Stephen. When has relevance ever mattered on an IETF list? :-)

Either never or always, depending who you're arguing with:-)

> 
> From a strict protocol design perspective, GDPR issues probably never
> matter for the IETF. After all the IETF doesn’t exist so it can’t be
> sued or prosecuted. 

Didn't you notice the LLC thing? :-)

> GDPR does however have an impact on how IETF
> protocols get used and deployed. Sometimes that might impact need to
> be assessed in an IETF setting, just like how IETF docs are expected
> to have security and human rights considerations these days.

I agree that we need to consider GDPR issues, where they exist.
The question I'm posing here is whether there are any new GDPR
issues caused by DoT/DoH and I'm just not seeing them. I can
totally accept that there are privacy/GDPR issues in providing
DNS service that have been largely or totally ignored until
very recently.

(Security considerations btw are needed in drafts, but human
rights considerations are not a requirement, and nor should they
be IMO.)

> 
> GDPR is already covered in the T&Cs between an ISP and the end user.
> Or should be.

As far as DNS query privacy is concerned, that doesn't appear
to be explicitly mentioned by my ISP. Maybe that's an outlier
but I'd be surprised. So I don't accept that "already covered"
is correct, for DNS query privacy.

(Separately, I also don't accept that one can get informed
consent from a person who doesn't understand the question being
asked. So from my POV, all this "click to accept" crap is
just crap and no more. I do realise that some lawyers likely
disagree.)

> [You’ve probably been bombarded by GDPR tweaks to the
> T&Cs for your bank, utility providers, etc.] When DoH is used, this
> is likely to introduce third parties - the DoH service provider and a
> DoH client. 

An ISP could as easily be forwarding all my queries to a quad-N
service, and/or be providing a sample-point for passive DNS, so
ISTM these aren't really new issues at all. (WRT passive DNS, even
if no stub IP addresses are provided, I suspect one could identify
or re-identify based on patterns of QNAMEs and timing.)

> GDPR compliance will be an issue for them, particularly
> the requirement to get meaningful consent from the end user. How
> these third parties do that is unlikely to be a topic for the IETF.

Except people keep raising this as an issue, but without being
specific enough for me at least to understand if there is or is
not any effect on protocols.

From the above, it sounds like you agree there is no effect on
the DoH WG. If that's right then we should accept that there is
no GDPR discussion to have here.

> 
> That said, I think it’s important that this WG is at least aware of
> these problems and documents them somehow. ie It produces an RFC
> which somewhere says something like "If you’re responsible for a DoH
> platform, make sure you’ve sorted out the GDPR concerns”. 

I think that's way too vague to be useful in an I-D. An I-D that
had such text could be described as possibly baselessly generating
FUD, which'd be bad.

I think [1] could provide a fine place to discuss these issues,
but perhaps it needs a permutation applied to the title so that
becomes "Privacy Recommendations for DNS Service Operators." I'm
not sure if we'd find rough consensus to try tackle all the issues
that'd raise though.

S.

[1] https://tools.ietf.org/html/draft-ietf-dprive-bcp-op


> _______________________________________________ Doh mailing list 
> Doh@ietf.org https://www.ietf.org/mailman/listinfo/doh
>