Re: [Doh] New Privacy Considerations Section Proposal
Patrick McManus <pmcmanus@mozilla.com> Thu, 21 June 2018 12:57 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/6-GcQocDQWf8vH62iIdB77HdYLY>

On Thu, Jun 21, 2018 at 7:08 AM, nusenu <nusenu-lists@riseup.net> wrote:

> So because a comprehensive treatment is hard and obviously not the primary
> goal of the document a comparative statement of the privacy implications
> of DoH wrt other DNS protocols from Sara's text is no longer mentioned at all?

I feel like it is absolutely mentioned! The text makes clear that issues arise at the IP, TCP, TLS, and HTTPS layers. UDP-based DNS suffers from IP issues, TCP-based DNS suffers from TCP and IP based issues, DNS over TLS suffers from IP, TCP, and TLS based issues, and DoH adds HTTP issues to the mix. The DoH spec is going to focus on DoH. If another document would like to comprehensively discuss all of this that's fine by me, but it's not practical to do here.

I'll add a small clarifying bit to the text for people to try out - but this is already most of the text.

> I'd like to understand the reasoning for NOT including specific privacy
> friendly recommendations in the document, because currently the document
> mentions

DoH uses and requires HTTP but does not redefine it. DoH is not a mere tunnel for DNS and applications should leverage what features fit their needs. The specification(s) for those features are where you need to look to make a decision or you turn things over to a library.

> the high level issues but doesn't give specific advice on what to do about
> it - the implementors are basically on their own -

This is non-normative considerations text - it is highlighting what you need to consider. The primary consideration is that you are now in the HTTP ecosystem. A couple other messages have asked to highlight that the HTTP ecosystem is different than the DNS ecosystem and I'm fine with including that.