[Doh] Googles Experimental DoH Endpoint.

"Winfield, Alister" <Alister.Winfield@sky.uk> Thu, 16 May 2019 20:24 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/95MtwTSUxcSVCUCxjaBhpx0m98Y>

Oh, by the way, I noticed this, and it seems counter to the claim of DoH only running on 8.8.8.8.


To keep it short I’ve removed the SSL setup step from the example.



$ openssl s_client -connect search.google.com:443 -servername search.google.com
…
---

GET /experimental?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1
host: dns.google.com

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
Date: Tue, 14 May 2019 13:49:53 GMT
Expires: Tue, 14 May 2019 13:49:53 GMT
Cache-Control: private, max-age=20595
Content-Type: application/dns-message
Server: HTTP server (unknown)
Content-Length: 49
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="46,44,43,39"

??wwwexamplecom?
                Ps]??"^C
$


Tried a few more: gmail.google.com, www.youtube.com, news.google.com.

So I guess it’s their entire web estate.

--
Alister Winfield.
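For anyone monitoring for this, the exchange in the message above can be unpacked as follows. This is an added example, not part of the original message: it decodes the `dns=` parameter as RFC 8484 base64url wire format and compares the TLS server name with the HTTP Host header. The function names, and the assumption that a TLS-inspecting proxy supplies both the SNI and the decrypted request, are illustrative.

```python
import base64
import struct
from urllib.parse import urlsplit, parse_qs

def decode_doh_get(target):
    """Return the question carried in the dns= parameter of a DoH GET, or None."""
    values = parse_qs(urlsplit(target).query).get("dns")
    if not values:
        return None
    b64 = values[0]
    # RFC 8484 uses base64url without padding; restore it before decoding.
    wire = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
    if len(wire) < 12:
        raise ValueError("shorter than a DNS header")
    msg_id, flags, qdcount = struct.unpack("!HHH", wire[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while True:
        if pos >= len(wire):
            raise ValueError("truncated name")
        length = wire[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(wire):
            raise ValueError("bad label")
        labels.append(wire[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(wire):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", wire[pos:pos + 4])
    return {"id": msg_id, "flags": flags, "qname": ".".join(labels), "qtype": qtype}

def inspect(sni, raw_request):
    """Classify one decrypted request by content, and note SNI/Host disagreement."""
    head = raw_request.split("\r\n\r\n", 1)[0].split("\r\n")
    method, target, _version = head[0].split(" ", 2)
    headers = {k.strip().lower(): v.strip()
               for k, v in (line.split(":", 1) for line in head[1:] if ":" in line)}
    host = headers.get("host", "")
    question = decode_doh_get(target) if method == "GET" else None
    return {"sni": sni, "host": host, "sni_host_mismatch": sni.lower() != host.lower(),
            "doh_question": question}

# Request line, Host header and server name copied from the session in the message.
SAMPLE = ("GET /experimental?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1\r\n"
          "host: dns.google.com\r\n\r\n")
RESULT = inspect("search.google.com", SAMPLE)
```

The decoded question is a type 1 (A) query for www.example.com with the RD flag set, and the server name and Host header disagree, so a filter keyed only on the TLS server name would not have seen `dns.google.com` at all.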