Re: [Doh] Mozilla's plans re: DoH

Matthew Pounsett <matt@conundrum.com> Wed, 27 March 2019 10:19 UTC

To: Eric Rescorla <ekr@rtfm.com>
Cc: DoH WG <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/G_znCp5VVykCYATrUfqsFsN1YZk>

On Wed, 27 Mar 2019 at 10:25, Eric Rescorla <ekr@rtfm.com> wrote:

>     1. Copies of Firefox will be configured with a set of TRRs. Different
>     regions may have different TRR sets or different defaults. In addition
>     we may have DoH/TRR on by default in some regions and not others,
>     especially initially.
>

Can I suggest you pick a default behaviour and stick with it?  This idea of
having a different default configuration depending on what region the user
is in (at what point?  at the time they downloaded it?  installed it?  at
runtime? how big is a "region" and how are you determining which one the
user is in?) is going to be a bit of a support nightmare for IT departments
with users in different regions.

I'm also curious what your fallback plan is in the event that DoH is
disabled or unreachable.  One hopes DoT will be tried next, before falling
back to plain DNS.