Re: [Doh] DoH

John Carr <> Thu, 28 March 2019 16:20 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8FDA212008A for <>; Thu, 28 Mar 2019 09:20:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id D3Rkw-UKf5ka for <>; Thu, 28 Mar 2019 09:20:11 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 46A24120096 for <>; Thu, 28 Mar 2019 09:20:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1-johncarr-eu; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wDGESrIxtT3wbpPH9ncjkcK1bytscaX7zjTiE1qyejo=; b=j14GsW0o0f4mDlqrYbCtg7jcXYQoH1QH389xmfJhhZPfscX83b2g3gW2ypYeL10CPNePNJdhWTpdOc2Ybuk6uMfgR5e0J/acAxfxouYAEFSijOINmisuzOxL2neueb8u8/UnEQgumPsUibhm8YIPnRBwdaS81M1lad6RazRl73A=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1750.15; Thu, 28 Mar 2019 16:20:07 +0000
Received: from ([fe80::6cd4:7f3a:2e8e:670b]) by ([fe80::6cd4:7f3a:2e8e:670b%5]) with mapi id 15.20.1750.014; Thu, 28 Mar 2019 16:20:07 +0000
From: John Carr <>
To: Patrick McManus <>
CC: "" <>, "" <>
Thread-Topic: DoH
Thread-Index: AdTldH+LSciD1yZYTp6B3rJaUBvVvQACjd8AAADBcIA=
Date: Thu, 28 Mar 2019 16:20:07 +0000
Message-ID: <>
References: <> <>
In-Reply-To: <>
Accept-Language: en-GB, en-US
Content-Language: en-US
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c7d14966-953f-43f5-ac20-08d6b3993e6e
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(5600127)(711020)(4605104)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(2017052603328)(7153060)(7193020); SRVR:DB7PR03MB4761;
x-ms-traffictypediagnostic: DB7PR03MB4761:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <>
x-forefront-prvs: 0990C54589
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(39830400003)(346002)(376002)(366004)(136003)(189003)(199004)(6506007)(4326008)(53546011)(55016002)(6916009)(186003)(9686003)(53386004)(53936002)(229853002)(486006)(236005)(790700001)(6116002)(54896002)(446003)(3846002)(11346002)(6246003)(102836004)(2906002)(76176011)(26005)(6306002)(316002)(606006)(25786009)(508600001)(54906003)(99286004)(476003)(7696005)(86362001)(106356001)(97736004)(5660300002)(966005)(14444005)(52536014)(66574012)(7736002)(221733001)(105586002)(33656002)(66066001)(6436002)(74482002)(14454004)(81156014)(68736007)(8936002)(71200400001)(74316002)(256004)(81166006)(7116003)(71190400001)(8676002)(3480700005); DIR:OUT; SFP:1102; SCL:1; SRVR:DB7PR03MB4761;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: lBYZY3217nfcyddKBY/fYnGaitlgvUBfuin9q95k+23TqhhzyiAUYoFw1EPgHHy1MUYFnJwc38V/nGum9zrfIAwiapL9ejf+uaf644iC+O1kL5G9AAgC3IHvuT2ZS6mYTpPM8YeAVLrBcbzr7pw1wI+raq18rc5XjJPTVnfNluoA2nlEs8871nQdFIqM3/AVP4gxyD7R+hfQEb3FOz69yS+KazaAzURSC7Nd0tEiWIwgsTmQOsDBR0H9BLXKWYcQ7tYv5ly0Wds0W+ZvOBw7z/bBzVrScfFbjPBChztsZl00/CzemnBqJhjEqhE3G+GaUcvaVmyN8xhICc6DL/5hB7iz9g8YW16Pe2ycqLR+fhysl68yxn/cUEOn72MYU0eMiwpleqCWqOwGpokpo3LT7KeOUTNHE+hWdwd4gUOdKkI=
Content-Type: multipart/alternative; boundary="_000_DB7PR03MB4698A645255E883C9CC07AC3C6590DB7PR03MB4698eurp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: c7d14966-953f-43f5-ac20-08d6b3993e6e
X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Mar 2019 16:20:07.7992 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 116a4049-d222-4a18-a59e-1c70be95b47b
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR03MB4761
Archived-At: <>
X-Mailman-Approved-At: Thu, 28 Mar 2019 09:29:52 -0700
Subject: Re: [Doh] DoH
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 28 Mar 2019 16:20:14 -0000

Many thanks. I represent children’s organizations which do not have  the resources to track the complexities or ins and outs of some of these sorts of issues.

Perhaps there is someone on the list who knows the answer to my question? Or are you saying I must wade through the whole shooting match and work it for myself?


From: Patrick McManus <>
Sent: 28 March 2019 15:56
To: John Carr <>
Subject: Re: DoH

Hi John - I cannot speak for the IETF, nor am I in a position to effectively summarize all of the inputs over the year long process in building RFC 8484. However the consensus opinion of that work is reflected in that document. I can also refer you to the datatracker page for the working group which includes the mailing list archives and minutes from in person meetings while doing the work. The final consensus document does contain some related content in section 10.

Best Regards,

On Thu, Mar 28, 2019 at 3:54 PM John Carr <<>> wrote:
Hi Both,

I refer to the IETF project on DNS queries over HTTPS (DoH)

Could you tell me if, in the course of the deliberations which have been taking place within the IETF structures in respect of DoH, any consideration was given, or is being given, to the implications of this standard in terms of its likely impact on filtering solutions which have been implemented either  on routers within individual households, or by ISPs or other access providers, where the purpose of the filtering is either to restrict access to known illegal content or it is to restrict access to content which is considered inappropriate, e.g. for younger family members?

Many thanks,

John  Carr
Children’s Charities’ Coalition on Internet Safety<>