Re: [Doh] New Privacy Considerations Section Proposal

Daniel Stenberg <daniel@haxx.se> Thu, 21 June 2018 11:29 UTC

To: Howard Chu <hyc@symas.com>
cc: DoH WG <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/C5coli1Ze_QIp2suAULEgodKTAE>

On Thu, 21 Jun 2018, Howard Chu wrote:

> that particular DNS/DoH server is unlikely to be serving any interesting web 
> pages for any clients. As such, the frequency of intermingled connections 
> should be low-to-zero.

That's a rather pessimistic view of the DoH future.

I think it is likely that some DoH server operators will be companies with 
distributed presence so that they can offer proximity to users; CDNs and the 
like. CDNs also host web sites. They should thus be perfect candidates for 
serving both web content and DoH requests over the same connections. 
Especially in combination with the ORIGIN frame etc.

-- 

  / daniel.haxx.se