Re: [Doh] [Ext] panel discussion on DoH/DoC
Adam Roach <adam@nostrum.com> Thu, 07 February 2019 16:41 UTC
Return-Path: <adam@nostrum.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4770A124BF6 for <doh@ietfa.amsl.com>; Thu, 7 Feb 2019 08:41:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.078
X-Spam-Level:
X-Spam-Status: No, score=-0.078 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id V-JsEOW5U0FX for <doh@ietfa.amsl.com>; Thu, 7 Feb 2019 08:41:36 -0800 (PST)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 95F941271FF for <doh@ietf.org>; Thu, 7 Feb 2019 08:41:36 -0800 (PST)
Received: from MacBook-Pro.roach.at (99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x17GfCPT060382 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 7 Feb 2019 10:41:14 -0600 (CST) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1549557674; bh=8by/jpjCWw12XKmaBkKKPf4fhx49otdE2upy40gTrPA=; h=Subject:To:Cc:References:From:Date:In-Reply-To; b=SN29nG69lMJn+hm9PCUEQXwkUSNN2VHxqltLlza9Ld3m237CxKCbhhIzWkvjHwwzG XcRn6023HHOuPOSwfxB3RQNao1RjKfk/pAenmOrj7rE0fcNuoObMDI/X2aYmZXdP2E 5xcoB8TdL/0W8jZr9ftkFHrioM78+As4ND4AWAmg=
X-Authentication-Warning: raven.nostrum.com: Host 99-152-146-228.lightspeed.dllstx.sbcglobal.net [99.152.146.228] claimed to be MacBook-Pro.roach.at
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: DoH WG <doh@ietf.org>
References: <20190207105106.GB1772@server.ds9a.nl> <C7C3BAF7-4BD4-4EE2-B3F2-1F8B49222980@fugue.com> <20190207130313.7g7hf4swaopnr75e@nic.fr> <FD7BFAFF-88B9-49BF-A652-3649ADCD53F9@fugue.com> <7A2202F4-FAE9-4282-BC0B-8229A9A6E016@icann.org> <54d1803d-c0a1-1324-8c0c-41214d05eaa9@nostrum.com> <7A52C280-F26A-4C2E-B77E-2A8C019151F3@icann.org>
From: Adam Roach <adam@nostrum.com>
Message-ID: <64c7992e-88c2-facb-ced5-1b912ae3216b@nostrum.com>
Date: Thu, 07 Feb 2019 10:41:07 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.5.0
MIME-Version: 1.0
In-Reply-To: <7A52C280-F26A-4C2E-B77E-2A8C019151F3@icann.org>
Content-Type: multipart/alternative; boundary="------------5DE247B9F9C09A21786BD2F4"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/HVDsLo4yTVwIgG0RBuNXbCUOLwQ>
Subject: Re: [Doh] [Ext] panel discussion on DoH/DoC
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Feb 2019 16:41:38 -0000
On 2/7/19 10:06 AM, Paul Hoffman wrote: > On Feb 7, 2019, at 7:46 AM, Adam Roach <adam@nostrum.com> wrote: >> On 2/7/19 9:36 AM, Paul Hoffman wrote: >>>> although not the use case that subsequently emerged, where browsers do it instead of using the local resolver. >>> A browser vendor (Mozilla) does use a cloud provider as their default DoH server. That browser vendor has not explained why. >> >> The claim that Firefox has a cloud provider as its default DoH server isn't wrong on its face, but the implication that Firefox uses DoH by default is. > Sorry, I certainly didn't mean to imply that. The dialog where you can turn on DoH is completely clear that it is off by default. > >> The claim that Mozilla has not explained why, however, is flatly false. There's been a lot of electronic ink spilled on the topic; including, notably: https://blog.nightly.mozilla.org/2018/06/01/improving-dns-privacy-in-firefox/ > We disagree that that article from six months ago explains why Cloudflare is still the default provider. I thought the following text in the article I cited was pretty clear: "We’ve chosen Cloudflare because they agreed to a very strong privacy agreement <https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/> that protects your data." If you want a little more meat on that statement, I'll clarify that the agreement here isn't just some informal "put these words up on a webpage" kid of thing. There's a formal legal agreement in place between Mozilla and Cloudflare that ensures that Cloudflare is handling DoH queries with the standards of privacy that Mozilla demands as part of its core mission. /a
- [Doh] panel discussion on DoH/DoC bert hubert
- Re: [Doh] panel discussion on DoH/DoC Ted Lemon
- Re: [Doh] panel discussion on DoH/DoC Stephane Bortzmeyer
- Re: [Doh] panel discussion on DoH/DoC Ted Lemon
- Re: [Doh] panel discussion on DoH/DoC Shane Kerr
- Re: [Doh] panel discussion on DoH/DoC Vittorio Bertola
- Re: [Doh] panel discussion on DoH/DoC Ralf Weber
- Re: [Doh] panel discussion on DoH/DoC Ted Lemon
- Re: [Doh] panel discussion on DoH/DoC Jim Reid
- Re: [Doh] panel discussion on DoH/DoC Ted Lemon
- Re: [Doh] panel discussion on DoH/DoC Jim Reid
- Re: [Doh] panel discussion on DoH/DoC Valentin Gosu
- Re: [Doh] panel discussion on DoH/DoC Vittorio Bertola
- Re: [Doh] panel discussion on DoH/DoC Jim Reid
- Re: [Doh] panel discussion on DoH/DoC Joseph Lorenzo Hall
- Re: [Doh] [Ext] panel discussion on DoH/DoC Paul Hoffman
- Re: [Doh] [Ext] panel discussion on DoH/DoC Adam Roach
- Re: [Doh] [Ext] panel discussion on DoH/DoC Eliot Lear
- Re: [Doh] [Ext] panel discussion on DoH/DoC Paul Hoffman
- Re: [Doh] [Ext] panel discussion on DoH/DoC Ask Bjørn Hansen
- Re: [Doh] [Ext] panel discussion on DoH/DoC Jim Reid
- Re: [Doh] [Ext] panel discussion on DoH/DoC Adam Roach
- Re: [Doh] [Ext] panel discussion on DoH/DoC Adam Roach
- Re: [Doh] [Ext] panel discussion on DoH/DoC bert hubert
- Re: [Doh] [Ext] panel discussion on DoH/DoC Eliot Lear
- Re: [Doh] [Ext] panel discussion on DoH/DoC Adam Roach
- Re: [Doh] panel discussion on DoH/DoC Shane Kerr
- Re: [Doh] panel discussion on DoH/DoC Joseph Lorenzo Hall
- Re: [Doh] panel discussion on DoH/DoC Martin Thomson
- Re: [Doh] panel discussion on DoH/DoC Andrew Sullivan
- Re: [Doh] panel discussion on DoH/DoC Eric Rescorla
- Re: [Doh] panel discussion on DoH/DoC Andrew Sullivan
- Re: [Doh] panel discussion on DoH/DoC Stephen Farrell
- Re: [Doh] panel discussion on DoH/DoC Eliot Lear
- Re: [Doh] panel discussion on DoH/DoC Vittorio Bertola
- Re: [Doh] panel discussion on DoH/DoC Eric Rescorla
- Re: [Doh] panel discussion on DoH/DoC Jim Reid
- Re: [Doh] panel discussion on DoH/DoC Eric Rescorla
- Re: [Doh] panel discussion on DoH/DoC Stephen Farrell