Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertola-bcp-doh-clients

Vittorio Bertola <vittorio.bertola@open-xchange.com> Wed, 13 March 2019 02:57 UTC

Date: Wed, 13 Mar 2019 03:56:58 +0100 (CET)
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Christian Huitema <huitema@huitema.net>
Cc: dns-privacy@ietf.org, doh@ietf.org, dnsop@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/Wk0QSxQbTJL7JtWMUeJOIvyU2Sg>

> On 12 March 2019 at 19:56, Christian Huitema <huitema@huitema.net> wrote:
> 
> You are saying that whoever happens to control part of the network path
> is entitled to override the user choices and impose their own. Really?
> As Stephane wrote, that may be legit in some circumstances, but much
> more questionable in others, such as a hotel Wi-Fi attempting to decide
> what sites I could or could not access.

The reaction I got from some policy people when I mentioned this kind of argument going on here is "when did the IETF get the mandate to decide for everyone that content filtering by intermediaries is always bad? This is a matter for competition / telco / human rights legislation, and will vary country by country."

To quote what you wrote in another message:

> There is a lot of difference between what can be imposed in a 
> police state and what looks legitimate in a user agreement in a 
> free country. And I sure hope that we maintain that difference. A 
> good result of that discussion would be to clarify these 
> differences.

Do you really think that this is the IETF's job? Deciding "what looks legitimate in a user agreement in a free country" (and presumably, also what tells "a police state" from "a free country") and enforcing such a decision via technical measures?

Ciao,
-- 

Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy