Re: [Doh] New Privacy Considerations Section Proposal
Patrick McManus <pmcmanus@mozilla.com> Thu, 21 June 2018 00:58 UTC
Return-Path: <pmcmanus@mozilla.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FE51130F49 for <doh@ietfa.amsl.com>; Wed, 20 Jun 2018 17:58:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.233
X-Spam-Level:
X-Spam-Status: No, score=-1.233 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tqYJOY7c3nR8 for <doh@ietfa.amsl.com>; Wed, 20 Jun 2018 17:58:12 -0700 (PDT)
Received: from linode64.ducksong.com (linode6only.ducksong.com [IPv6:2600:3c02::f03c:91ff:fe6e:e8da]) by ietfa.amsl.com (Postfix) with ESMTP id 1FE15130ED3 for <doh@ietf.org>; Wed, 20 Jun 2018 17:58:12 -0700 (PDT)
Received: from mail-oi0-f41.google.com (mail-oi0-f41.google.com [209.85.218.41]) by linode64.ducksong.com (Postfix) with ESMTPSA id 94F2D3A03B for <doh@ietf.org>; Wed, 20 Jun 2018 20:58:10 -0400 (EDT)
Received: by mail-oi0-f41.google.com with SMTP id 14-v6so1365131oie.3 for <doh@ietf.org>; Wed, 20 Jun 2018 17:58:10 -0700 (PDT)
X-Gm-Message-State: APt69E3nDcR80pEzPQY1fkHVD4rOUDWYodiDcz6sGt4hrFcPwz8ZhelV kRVbpMrOHv9ZfLeMxicRrq5MTPqlp5lgGIXeS4M=
X-Google-Smtp-Source: ADUXVKLzUHZvr2otUEUJd2qTrE1wloFuicgZECueyDKGV1myWL0fe4Zqg3YrSHHzhaWmL68CpTWe4ZRM8Qs2v3aF9PE=
X-Received: by 2002:aca:acb:: with SMTP id k72-v6mr12274769oiy.132.1529542690340; Wed, 20 Jun 2018 17:58:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a4a:8a32:0:0:0:0:0 with HTTP; Wed, 20 Jun 2018 17:58:09 -0700 (PDT)
In-Reply-To: <a8f12fe6-57d8-70ed-dc68-126c972b75f4@riseup.net>
References: <CAOdDvNpY4NpvSKW_D__jztDD_wkaRsJna9L+Br+hdnDnQ8w5SQ@mail.gmail.com> <a8f12fe6-57d8-70ed-dc68-126c972b75f4@riseup.net>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Wed, 20 Jun 2018 20:58:09 -0400
X-Gmail-Original-Message-ID: <CAOdDvNrfQuN4ePV2qeh9jChmaOhjp9VQWD4xeiNBUgSSJAre5Q@mail.gmail.com>
Message-ID: <CAOdDvNrfQuN4ePV2qeh9jChmaOhjp9VQWD4xeiNBUgSSJAre5Q@mail.gmail.com>
To: nusenu <nusenu-lists@riseup.net>
Cc: DoH WG <doh@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ba136c056f1c68ba"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/XxbpNRfhDrMqBbTxEP1gKr9Gt_Q>
Subject: Re: [Doh] New Privacy Considerations Section Proposal
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jun 2018 00:58:14 -0000
Hi Nusenu, On Wed, Jun 20, 2018 at 8:06 PM, nusenu <nusenu-lists@riseup.net> wrote: > > It does not introduce new concerns when compared with HTTPS > but it does introduce new privacy converns when compared with > DNS over UDP, TCP or TLS (RFC7858), > I started to go down this path, but it pretty quickly became clear that comprehensive treatment of this kind of comparison is a different document - though I think describing things in layers does a decent job of pointing out where these various properties come into play. DoH needs to describe the properties of DoH.. the proposed text certainly doesn't try and hide from the fingerprintability of the http system doh is using. The IP layer paragraph includes mitigations, the paragraphs about > the other layers are missing mitigations. > > those mitigations are there to provide context/scope to the addressing problem - not advice on how to mitigate it :) For most of the other features the mitigation is "don't use it" which of course has a cost.
- Re: [Doh] New Privacy Considerations Section Prop… Adam Roach
- Re: [Doh] New Privacy Considerations Section Prop… Adam Roach
- Re: [Doh] New Privacy Considerations Section Prop… Ted Hardie
- Re: [Doh] New Privacy Considerations Section Prop… Ted Hardie
- Re: [Doh] New Privacy Considerations Section Prop… Patrick McManus
- Re: [Doh] New Privacy Considerations Section Prop… nusenu
- Re: [Doh] New Privacy Considerations Section Prop… Patrick McManus
- Re: [Doh] New Privacy Considerations Section Prop… Sara Dickinson
- Re: [Doh] New Privacy Considerations Section Prop… Eric Rescorla
- Re: [Doh] New Privacy Considerations Section Prop… Patrick McManus
- Re: [Doh] New Privacy Considerations Section Prop… Sara Dickinson
- Re: [Doh] New Privacy Considerations Section Prop… Sara Dickinson
- Re: [Doh] New Privacy Considerations Section Prop… Patrick McManus
- Re: [Doh] New Privacy Considerations Section Prop… Patrick McManus
- Re: [Doh] New Privacy Considerations Section Prop… Howard Chu
- Re: [Doh] New Privacy Considerations Section Prop… nusenu
- Re: [Doh] New Privacy Considerations Section Prop… Howard Chu
- Re: [Doh] New Privacy Considerations Section Prop… Mateusz Jończyk
- Re: [Doh] New Privacy Considerations Section Prop… bert hubert
- Re: [Doh] New Privacy Considerations Section Prop… nusenu
- Re: [Doh] New Privacy Considerations Section Prop… nusenu
- Re: [Doh] New Privacy Considerations Section Prop… Sara Dickinson
- Re: [Doh] New Privacy Considerations Section Prop… Daniel Stenberg
- Re: [Doh] New Privacy Considerations Section Prop… Howard Chu
- Re: [Doh] New Privacy Considerations Section Prop… nusenu
- Re: [Doh] New Privacy Considerations Section Prop… Patrick McManus
- Re: [Doh] New Privacy Considerations Section Prop… nusenu
- Re: [Doh] New Privacy Considerations Section Prop… Hewitt, Rory
- Re: [Doh] New Privacy Considerations Section Prop… Adam Roach
- Re: [Doh] New Privacy Considerations Section Prop… Patrick McManus
- Re: [Doh] [Ext] New Privacy Considerations Sectio… Ted Hardie
- Re: [Doh] [Ext] New Privacy Considerations Sectio… Paul Hoffman
- Re: [Doh] New Privacy Considerations Section Prop… Ted Hardie
- [Doh] New Privacy Considerations Section Proposal Patrick McManus
- Re: [Doh] New Privacy Considerations Section Prop… Loganaden Velvindron