Re: [Doh] Mozilla's plans re: DoH

Neil Cook <> Wed, 27 March 2019 16:15 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BA8D71202F9 for <>; Wed, 27 Mar 2019 09:15:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.107
X-Spam-Status: No, score=-1.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RDNS_NONE=0.793, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id tkDl44lFoxoM for <>; Wed, 27 Mar 2019 09:15:17 -0700 (PDT)
Received: from (unknown [IPv6:2604:a880:0:1010::add:2001]) by (Postfix) with ESMTP id 2AA261202E4 for <>; Wed, 27 Mar 2019 09:15:17 -0700 (PDT)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id CE9B21D8251 for <>; Wed, 27 Mar 2019 16:11:33 +0000 (UTC)
From: Neil Cook <>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.1 \(3445.101.1\))
Date: Wed, 27 Mar 2019 16:15:14 +0000
References: <> <>
To: DoH WG <>
In-Reply-To: <>
Message-Id: <>
X-Mailer: Apple Mail (2.3445.101.1)
X-VADE-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedutddrkedvgdekudcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfpgffknfevqffqmfenuceurghilhhouhhtmecufedttdenucenucfjughrpefhtgfgggfuffhfvfgjkffosehtqhhmtdhhtdejnecuhfhrohhmpefpvghilhcuvehoohhkuceonhgvihhlrdgtohhokhesnhhofigrrhgvrdgtohdruhhkqeenucfkphepudejiedruddvrddutdejrddufedvnecurfgrrhgrmhepihhnvghtpedujeeirdduvddruddtjedrudefvddphhgvlhhopegluddtrddutddurddvrdduheegngdpmhgrihhlfhhrohhmpefpvghilhcuvehoohhkuceonhgvihhlrdgtohhokhesnhhofigrrhgvrdgtohdruhhkqedprhgtphhtthhopeguohhhsehivghtfhdrohhrghenucevlhhushhtvghrufhiiigvpedt
Archived-At: <>
Subject: Re: [Doh] Mozilla's plans re: DoH
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 27 Mar 2019 16:15:19 -0000

> On 27 Mar 2019, at 09:24, Eric Rescorla <> wrote:
> Now with the numbered lists correctly formatted:
> I’ve heard a number of questions about Mozilla’s plans around
> DoH. We’ve made a number of public statements, but it might be useful
> to try to put this all in one place.
> In context, the problem we are attempting to solve here is attack on
> the user’s name resolution from an attacker with full or partial
> control of the network, as contemplated by Section 3 of BCP 72 as well
> as BCP 188. There’s ample evidence of monitoring/manipulation of user
> traffic via this vector [0][1][2]. Importantly, this includes cases
> where the entity which owns the network infrastructure monitors and/or
> modifies DNS requests and responses without the user’s consent.

But Mozilla doesn’t know whether the modification is with or without the user’s consent. As the various drafts that have been presented this week attempt to make clear, there are a large number of use cases where users actively want the modification of their DNS (parental control, enterprise networks, malware/phishing detection, botnet C&C communication disruption etc.), indeed they may even be paying for such a service.

So the Mozilla answer to possible DNS modification without user’s consent is to enable over-the-top DNS resolution for all users, using an opt-out model (how a normal user is supposed to understand what they’ve been opted into brings up all kinds of user consent issues itself), and sending all DNS requests to a third-party with whom the user almost certainly has no relationship, contractual or otherwise, and potentially located in a third-party country.

To summarise, in an attempt to deal with a possible (but essentially unknown) issue of user consent, Mozilla "would like to deploy it by default for our users.” 

All the above seems rich with irony and contradiction.