Re: [Doh] [Ext] panel discussion on DoH/DoC

Adam Roach <adam@nostrum.com> Thu, 07 February 2019 15:46 UTC

Return-Path: <adam@nostrum.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57B96126D00 for <doh@ietfa.amsl.com>; Thu, 7 Feb 2019 07:46:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.079
X-Spam-Level:
X-Spam-Status: No, score=-0.079 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c0O0-luHdEbt for <doh@ietfa.amsl.com>; Thu, 7 Feb 2019 07:46:10 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9444E12008F for <doh@ietf.org>; Thu, 7 Feb 2019 07:46:10 -0800 (PST)
Received: from MacBook-Pro.roach.at (99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x17Fk54B051014 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 7 Feb 2019 09:46:06 -0600 (CST) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1549554367; bh=FuBVXOkHiIyIumazdvK/Z7XVh3eL8WZPf6mopnawcPc=; h=Subject:To:Cc:References:From:Date:In-Reply-To; b=oFhCecDpuMYFBkOLv2TJGqIbv4JVuP82Vwy86wL7nQxz3sgfduFNzPzZESRjwdlIR vN7XNTHmEm/4R1wHMXPhts6Ay3mVv64FEzk+bFhO9R1y51cSHorM8petESNlvAY/Du OI79QDu/JIVOkmMiXQGHuyzI6wWnaTeJnw3onW3Q=
X-Authentication-Warning: raven.nostrum.com: Host 99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228] claimed to be MacBook-Pro.roach.at
To: Paul Hoffman <paul.hoffman@icann.org>, Ted Lemon <mellon@fugue.com>
Cc: DoH WG <doh@ietf.org>
References: <20190207105106.GB1772@server.ds9a.nl> <C7C3BAF7-4BD4-4EE2-B3F2-1F8B49222980@fugue.com> <20190207130313.7g7hf4swaopnr75e@nic.fr> <FD7BFAFF-88B9-49BF-A652-3649ADCD53F9@fugue.com> <7A2202F4-FAE9-4282-BC0B-8229A9A6E016@icann.org>
From: Adam Roach <adam@nostrum.com>
Message-ID: <54d1803d-c0a1-1324-8c0c-41214d05eaa9@nostrum.com>
Date: Thu, 07 Feb 2019 09:46:00 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
In-Reply-To: <7A2202F4-FAE9-4282-BC0B-8229A9A6E016@icann.org>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/AP-q_08yCJA_yTZZbZF0vU89Lqo>
Subject: Re: [Doh] [Ext] panel discussion on DoH/DoC
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Feb 2019 15:46:12 -0000

On 2/7/19 9:36 AM, Paul Hoffman wrote:
>
>> although not the use case that subsequently emerged, where browsers do it instead of using the local resolver.
> A browser vendor (Mozilla) does use a cloud provider as their default DoH server. That browser vendor has not explained why.


The claim that Firefox has a cloud provider as its default DoH server 
isn't wrong on its face, but the implication that Firefox uses DoH by 
default is.

The claim that Mozilla has not explained why, however, is flatly false. 
There's been a lot of electronic ink spilled on the topic; including, 
notably: 
https://blog.nightly.mozilla.org/2018/06/01/improving-dns-privacy-in-firefox/

/a