Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertola-bcp-doh-clients

Eliot Lear, Wed, 13 March 2019 05:04 UTC

Cc: Paul Vixie, dnsop, Stephen Farrell
To: Christian Huitema


This conversation has gone to the zoo.  What is or is not political doesn’t matter at this stage in the game, and neither does arguing over rights over bits.  If people want to do that I suggest doing so in the HRPC WG and with a draft in hand.  Flaming back and forth without an objective of actually modifying text or developing a work proposal is quite pointless.

What is important is to document the technical ramifications of the changes brought about by DoH.  To move things forward, can we simply go through the drafts in the side meeting, and indicate what administrators might do about any perceived negative effects?  Whether those effects seem negative to you only matters if there is a proposal for the IETF to take on new work to “correct” them.


> On 13 Mar 2019, at 03:59, Christian Huitema wrote:
> On 3/12/2019 2:11 PM, Paul Vixie wrote:
>>> I don't see why, based on your argument, your concerns
>>> trump his.
>>> Can you explain?
>> he's trying to achieve a political aim using technology. that is not the
>> purpose for which the internet engineering task force, or the internet itself,
>> was convened. it is not why our employers pay our travel costs. and it is not
>> why the rest of the world trusts our outputs.
> Sorry, but no. I am vying for network transparency, and I believe that if filtering is to be enforced, it should be controlled by the user. You are claiming that safety mandates giving the network operator full control over name resolution. Both of these positions come from specific visions about how the network should work. Neither is more a political goal than the other.
> -- Christian Huitema