Re: [Doh] [Ext] New Privacy Considerations Section Proposal

Paul Hoffman <paul.hoffman@icann.org> Wed, 20 June 2018 22:26 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/6axXnTt8xuZ08MFCEI56ZRAz0K4>

On Jun 20, 2018, at 3:14 PM, Ted Hardie <ted.ietf@gmail.com> wrote:
> 
> Repeating the comment I made at GitHub:
> 
> Is there a reason not to make a recommendation for the case of a DOH-only service?  The current text says:
> 
> Implementations of DoH clients and servers need to consider the benefit
> and privacy impact of all these features, and their deployment context,
> when deciding whether or not to enable them.
> 
> Would you consider a recommendation like "For DOH clients which do not intermingle DOH requests with other HTTP suppression of these headers and other potentially identifying headers is an appropriate data minimization strategy."?

That could be added, but it would need a *lot* more text because your proposed text only deals with one layer (HTTP) while the text above it also talks about fingerprinting with TLS, TCP, and IP (in reverse order). The WG can decide whether adding recommendations for just one layer is worthwhile or possibly misleading about the overall privacy.

--Paul Hoffman