Re: [Doh] [Ext] some privacy ponderings wrt HTTPs and plain DNS

Paul Hoffman <paul.hoffman@icann.org> Mon, 18 June 2018 21:39 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/U0MAu7Knv1pRBwW5AvPuO_0W10k>

On Jun 18, 2018, at 2:02 PM, Benno Overeinder <benno@NLnetLabs.nl> wrote:
> 
> I understand it is difficult to cover all variants, but as
> you mention above, one can describe the extremes and how these relate
> to, for example, privacy considerations used in the DPRIVE WG RFCs and
> Internet drafts.

Note that what is being asked for here is a set of privacy considerations that go beyond what was considered in the DPRIVE WG for DNS-over-TLS, RFC 7858. The type of user profiling that triggered this thread also applies to things like TLS extensions, ordering of messages, TCP behavior in the setup, and so on, but those considerations were not listed in RFC 7858.

--Paul Hoffman