Re: [Doh] GDPR and DoH
Brian Dickson <brian.peter.dickson@gmail.com> Sat, 06 April 2019 19:57 UTC
Return-Path: <brian.peter.dickson@gmail.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6758A12036A for <doh@ietfa.amsl.com>; Sat, 6 Apr 2019 12:57:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gPjRpLCIIbDU for <doh@ietfa.amsl.com>; Sat, 6 Apr 2019 12:57:42 -0700 (PDT)
Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E67EB120369 for <doh@ietf.org>; Sat, 6 Apr 2019 12:57:41 -0700 (PDT)
Received: by mail-pl1-x635.google.com with SMTP id y6so4889651pll.13 for <doh@ietf.org>; Sat, 06 Apr 2019 12:57:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=mHvu0DvIKf+yCNsX8QyPfZNEHVC9lXp/1HWi/3/xr5w=; b=FLcIODap1PcigsoQFENSC8gR2gLaYWJ1smDc6X1tWW4bo+vl8GLg78ItI51QkN4ClH seJXM9U3+o73cLN4Dtt2lIhYWbAQNJP7hjIjpk8M0FGOgMtPZyO80nyU1sdMrBql5sVe +AlYAwfLvaghTaI4K2Np/3GNAPp4V1dLzbCAvBjuwwq0VWDjy0BTMB7JCdD38BPtXvyZ Wpg0nIc0NutCqIf61qTaqY3Ovw4QJJQGZVG+sw69eOv01+mYq7M1gsYBulzPq8wyLQ/5 DA6hx1UlneNQ+WvhAMPtF+E/E5LPQyHmul7TiqMFRsjn14zyNMXsK4upzZBzfOs4UA8l t0Yw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=mHvu0DvIKf+yCNsX8QyPfZNEHVC9lXp/1HWi/3/xr5w=; b=HNbinN5FTsHmuvdV3HcR5z0S9gONUhUsn/yg/XxKZ7sjKaKw0Y8D/pvzf4EBc2QiCa 8lJnbiyiCe5aUquBemodaVVpin42VSvlSSIYII8Y969ylcrntYu0DztoCcg+EZRRL3zL 8QgoLA9nd3Q+P5bJER9YyD/dIU9WsyzU9kJP5cRldyRfCwJg1gIFgbEtSKELyjQJu8R7 WZr4SoLaTac5otVaJoB/dr8Qa5w2K+gLgUqSRmhVKy5b23pYoORZbRmMxAqp7txSt7Lm 70A/kly91woUo6Wb0xrfByHSQNvgb2u/BDYPZ5vL7JmBwlSS0XljbqhZ2XkKopor39mS X+6w==
X-Gm-Message-State: APjAAAU78qRRBmeimkWGXaOwlOgOdHX0HRoyXWE9+90pwEoG8V3x01oM zKNdLtEBdDhsvwuRQIEiVcgcVnnw
X-Google-Smtp-Source: APXvYqwlf0AYNHJHiUwo+Ggqj9kncMAgmS527bsjOhtuGaZ8DASYNB1h4E8nougFa7ilT+SCbVYoaw==
X-Received: by 2002:a17:902:70c8:: with SMTP id l8mr20982392plt.177.1554580661391; Sat, 06 Apr 2019 12:57:41 -0700 (PDT)
Received: from ?IPv6:2601:646:8881:1fb4:a916:414e:bbe:b7b0? ([2601:646:8881:1fb4:a916:414e:bbe:b7b0]) by smtp.gmail.com with ESMTPSA id f6sm22350747pgq.11.2019.04.06.12.57.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 06 Apr 2019 12:57:40 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail-F78DD7FF-71A3-4B7C-801D-D70D6EEB95F1"
Mime-Version: 1.0 (1.0)
From: Brian Dickson <brian.peter.dickson@gmail.com>
X-Mailer: iPhone Mail (16E227)
In-Reply-To: <D6EE01DE-EE98-4CDE-A869-6205AD3D584A@gmail.com>
Date: Sat, 06 Apr 2019 12:57:40 -0700
Cc: DoH WG <doh@ietf.org>
Content-Transfer-Encoding: 7bit
Message-Id: <840A9DDA-DD95-421B-B330-2E0934ECD304@gmail.com>
References: <1700920918.12557.1552229700654@appsuite.open-xchange.com> <7667c4d7-2e78-0a27-84af-cf1c00fd4897@cs.tcd.ie> <1991054337.12802.1552259263075@appsuite.open-xchange.com> <eea64b30-aad0-a030-5360-1b1484f1d0e3@huitema.net> <CAPsNn2WhjHSEHJUEL8GB6X0d24fkajgPnY4YgkOQbXjyxb5q8Q@mail.gmail.com> <CACfw2hj07TDCxK9bm0T=JguKyuCEfW2zb_yRJnewjOYL4oxdjA@mail.gmail.com> <CACsn0cmk7NbF+ti0dU7Fp0PK8Gt4P5knC5hrHVLDY59-jaYYzA@mail.gmail.com> <6030358E-24FF-4033-B0A1-AB1123FED964@rfc1035.com> <5ce0d730-aac2-95c9-fead-64cbffa03d52@cs.tcd.ie> <D6EE01DE-EE98-4CDE-A869-6205AD3D584A@gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/NzzfVisIss_Z76BT-0N1beQt4ec>
Subject: Re: [Doh] GDPR and DoH
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Apr 2019 19:57:45 -0000
Resending Sent from my iPhone > On Apr 6, 2019, at 11:53 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote: > > > Hi Jim, > >> On 06/04/2019 19:30, Jim Reid wrote: >> >> >>> On 6 Apr 2019, at 19:04, Watson Ladd <watsonbladd@gmail.com> >>> wrote: >>> >>> You know you can just turn it off the same way you configure your >>> devices on your network. I also don't understand the GDRP issue >>> you raise: surely all DNS services have the same problems. >> >> Read this: >> https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/consent/what-is-valid-consent > > Too much text there for me sorry:-) > > FWIW, I also don't get the GDPR angle here. If it's meant as > an issue of consent related to selection of DNS server, ISTM > more or less the same - if by picking an ISP I'm supposed to > have consented to the ISP's choice of recursive that same > argument seems to apply for a browser-chosen recursive since > the user chose the browser. (And I'd actually argue there is > no valid consent as to choice of recursive in either case, > since IMO a person cannot consent to use of something they > don't know exists, and people in general do not know that > DNS recursives exist.) > > So can you explain the specific GDPR-related issue that you > think is relevant? > Stephen, It didn’t take me more than about 30 seconds of reading the linked article to get to the heart of the issue. It has to do with whether something that requires consent is a necessary part of the service or transaction. It has been clearly demonstrated that browsers do not have to provide DNS resolution (since they have not done so for about 25 years). This means that requiring the user to use the browser’s selection of DNS resolver, and implementing a DNS forwarder in the browser, would not be covered by the general acceptance of the browser’s terms. In other words, an extra level of informed user consent would be required for GDPR, and not accepting that second set of terms should not prevent the use of the browser. Tying the two together would be a violation, at least as I understand it as explained by the link Jim provided. >> >> If you need further advice on GDPR, consult a Data Protection >> Authority or a lawyer who specialises in this field. >> +1 Brian
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… nalini elkins
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eliot Lear
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Daniel Stenberg
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eric Rescorla
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [EXTERNAL] [dns-privacy] [DNSOP] New: d… Eliot Lear
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [dns-privacy] [EXTERNAL] [DNSOP] New: d… Konda, Tirumaleswar Reddy
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephane Bortzmeyer
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephane Bortzmeyer
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Neil Cook
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eric Rescorla
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Jim Reid
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Neil Cook
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Jim Reid
- Re: [Doh] [dns-privacy] [EXTERNAL] [DNSOP] New: d… Eliot Lear
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Neil Cook
- Re: [Doh] [EXTERNAL] Re: [dns-privacy] [DNSOP] Ne… Winfield, Alister
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Ralf Weber
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Michael Sinatra
- Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Yishai Beeri (yishaib)
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Mark Andrews
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Wouters
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Wouters
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Vittorio Bertola
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Vittorio Bertola
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Vittorio Bertola
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Eliot Lear
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Haberman
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Livingood, Jason
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Brian Dickson
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Michael Sinatra
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Adam Roach
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Michael Sinatra
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… william manning
- Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Watson Ladd
- [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Watson Ladd
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Adam Roach
- Re: [Doh] GDPR and DoH Brian Dickson
- Re: [Doh] GDPR and DoH Christian Huitema
- Re: [Doh] GDPR and DoH Vittorio Bertola
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Christian Huitema
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Adam Roach
- Re: [Doh] GDPR and DoH Adam Roach
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Jim Reid
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] GDPR and DoH Vittorio Bertola
- Re: [Doh] GDPR and DoH Stephen Farrell
- Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [Doh] GDPR and DoH S Moonesamy
- Re: [Doh] GDPR and DoH Livingood, Jason
- Re: [Doh] GDPR and DoH Livingood, Jason