Re: [Doh] [Ext] A question of trust (was Re: Draft -09 and WGLC #2)

Paul Hoffman <paul.hoffman@icann.org> Wed, 30 May 2018 14:46 UTC

From: Paul Hoffman <paul.hoffman@icann.org>
To: Andrew Sullivan <ajs@anvilwalrusden.com>
CC: "doh@ietf.org" <doh@ietf.org>
Date: Wed, 30 May 2018 14:46:21 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/ExUJU-fnwmqXpVrxLrbhZi4JrFA>
List-Id: DNS Over HTTPS <doh.ietf.org>

On May 30, 2018, at 7:38 AM, Andrew Sullivan <ajs@anvilwalrusden.com> wrote:
> 
> Hi,
> 
> On Tue, May 29, 2018 at 09:22:54PM -0400, Patrick McManus wrote:
>>    I support only specifying direct configuration in this document but either
>>    way making it more explicit.
>> 
>> 
>> I would describe [in]direct (or not) as one aspect of discovery, and the
>> working group has chosen to stay away from discovery in this document.
> 
> To people who are used to the model of, "I got my resolver from DHCP,"
> a thing you get from DHCP is not obviously "discovery".  It's
> (auto)configuration.  It's not hard to see how a hotspot portal is
> going to extend that metaphor using DOH, and it is still not clear to
> me that this text is saying, "Don't do that," though I think it might
> be.  

The new text from the pull request is hopefully clearer:

A DNS API client MUST NOT use a different URI simply because it was discovered
outside of the client's configuration, or because a server offers an unsolicited response
that appears to be a valid answer to a DNS query. This
specification does not extend DNS resolution privileges to URIs that
are not recognized by the DNS API client as configured URIs. Such
scenarios may create additional operational, tracking, and security
hazards that require limitations for safe usage. A future
specification may support this use case.

That "future specification" might come out of DRIU, or from this WG.

--Paul Hoffman
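
The client-side check that the quoted draft text implies, as an added example that is not part of the original message or of the draft: a response is usable as a DNS answer only when its request URI is an expansion of a configured URI template, however valid the response looks. The template, the host names and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

# Constructed configuration: the single URI template the user or operator set.
CONFIGURED_TEMPLATES = ("https://dnsserver.example.net/dns-query{?dns}",)
DNS_MEDIA_TYPE = "application/dns-message"  # DoH media type (RFC 8484)

def _key(uri):
    """Reduce a URI to (host, port, path); None if it cannot be a DoH target."""
    try:
        p = urlsplit(uri)
        port = 443 if p.port is None else p.port
    except ValueError:  # malformed port or bracketed host
        return None
    if p.scheme != "https" or p.username or p.password or p.fragment:
        return None
    # POST requests carry no query; GET requests carry exactly one "dns" parameter.
    names = [k for k, _ in parse_qsl(p.query, keep_blank_values=True)]
    if names not in ([], ["dns"]):
        return None
    return (p.hostname or "").lower(), port, p.path or "/"

def is_configured_uri(uri, templates=CONFIGURED_TEMPLATES):
    """True only when uri is an expansion of a configured template."""
    # Only the "{?dns}" variable may differ, so the fixed part must match exactly.
    allowed = {_key(t.split("{", 1)[0]) for t in templates} - {None}
    return _key(uri) in allowed

def usable_as_dns_answer(request_uri, content_type, pushed=False):
    """Decide whether a response may be used as a DNS answer, with the reason."""
    if not is_configured_uri(request_uri):
        origin = "pushed" if pushed else "offered"
        return False, f"{origin} response for a URI that is not configured"
    if content_type != DNS_MEDIA_TYPE:
        return False, "configured URI but not a DNS message"
    return True, "configured URI"

if __name__ == "__main__":
    # Constructed candidates: one configured, one learned from the local network.
    for uri, pushed in [
        ("https://dnsserver.example.net/dns-query?dns=AAABAAAB", False),
        ("https://portal.hotspot.example/dns-query?dns=AAABAAAB", True),
    ]:
        print(uri, usable_as_dns_answer(uri, DNS_MEDIA_TYPE, pushed))
```
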