Re: [Doh] [DNSOP] Proposal for a side-meeting on services centralization at IETF 104 Prague

Paul Vixie <> Tue, 12 March 2019 18:52 UTC

From: Paul Vixie <>
Cc: Stephane Bortzmeyer <>, Vittorio Bertola <>,,,
Date: Tue, 12 Mar 2019 18:52:43 +0000
Message-ID: <2044747.4WdMZHU4Qz@linux-9daj>
Organization: Vixie Freehold

On Tuesday, 12 March 2019 09:01:42 UTC Stephane Bortzmeyer wrote:
> On Mon, Mar 11, 2019 at 06:57:03PM +0100,
>  Vittorio Bertola <> wrote
>  a message of 18 lines which said:
> > Moreover, centralization is not the only Do*-related problem
> > category that has been raised (my draft alone lists eight others).
> IMHO, this is precisely the biggest problem with these three drafts:
> they accumulate a lot of unrelated rants, and it is important to split
> between issues that are really DoH-specific from more general issues.

when you refer to something as a rant, you diminish and disrespect it.

any concern about the inability of a network operator to maintain possession 
of their RDNS control plane is on-topic for DoH, simply because RFC 8484's 
stated goal is to prevent on-path interference with DNS operations.

please do not relegate discussions about the loss of operator control over the 
RDNS control plane to some mailing list where DoH is not front-and-center. 
their intentions were clear. therefore they should participate in the results.

> Warren Kumari did a good job of sorting that out in
> <>. I
> quote him:
> 1: the protocol,
> 2: the deployment concerns,
> 3: "resolverless DNS",
> 4: the loss of visibility from encrypting the DNS

that is a useless distinction.

> IMHO, this makes several side meetings. People are welcome to organize
> more.

in usenet, we used to say "please take this to some mailing list" by which we 
meant "...that i won't be joining, so that i no longer have to listen to you."

so far, most responses to RDNS control plane ownership issues have received a 
similar response. "please find someone who cares, and talk to them about it."

that's going to make the coming fight harder. we should be looking to make it