Re: [Doh] Request for the DOH WG to adopt draft-hoffman-resolver-associated-doh

Vittorio Bertola <vittorio.bertola@open-xchange.com> Wed, 23 January 2019 14:39 UTC

Date: Wed, 23 Jan 2019 15:39:45 +0100
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Daniel Stenberg <daniel@haxx.se>
Cc: DoH WG <doh@ietf.org>
Message-ID: <2112742428.56808.1548254385497@appsuite.open-xchange.com>
In-Reply-To: <alpine.DEB.2.20.1901230812390.17402@tvnag.unkk.fr>
References: <8999D6F3-600E-4F1A-903C-10F8CAA6E4F3@icann.org> <alpine.DEB.2.20.1901230812390.17402@tvnag.unkk.fr>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/TYoRrdcxSUhMEu-WxfVrtlpxeBk>
Subject: Re: [Doh] Request for the DOH WG to adopt draft-hoffman-resolver-associated-doh

> On 23 January 2019 at 8:25, Daniel Stenberg <daniel@haxx.se> wrote:
> 
> For me, one of the key elements and features with DoH is that I as a user have 
> picked a DNS provider I decide to trust. Be it a global CDN provider or my own 
> cloud instance. Any other way, with the ISP or my local network admins telling 
> me what server to use, is a major setback in my view.

This could be true for you and me, but average users have no idea of what the DNS is - they only make one choice, they pick an *ISP* that they decide to trust. They pay to get "Internet access" from that company and expect that company to provide all it takes for "the Internet to work", including DNS resolution, without them having to do anything; this has been the default situation for the last 20 years at least.

So it's fine if smarter users make changes to this default and pick a DNS provider different from their connectivity provider, and it's fine to empower them to do so, but it's not fine to break the way the Internet normally works for most people, which includes an automated and effortless mechanism to get the DNS resolution service from the ISP when connecting to the network.

Regards,
-- 

Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy