Re: [Doh] New Privacy Considerations Section Proposal

Patrick McManus <pmcmanus@mozilla.com> Thu, 21 June 2018 00:58 UTC

Return-Path: <pmcmanus@mozilla.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FE51130F49 for <doh@ietfa.amsl.com>; Wed, 20 Jun 2018 17:58:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.233
X-Spam-Level:
X-Spam-Status: No, score=-1.233 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tqYJOY7c3nR8 for <doh@ietfa.amsl.com>; Wed, 20 Jun 2018 17:58:12 -0700 (PDT)
Received: from linode64.ducksong.com (linode6only.ducksong.com [IPv6:2600:3c02::f03c:91ff:fe6e:e8da]) by ietfa.amsl.com (Postfix) with ESMTP id 1FE15130ED3 for <doh@ietf.org>; Wed, 20 Jun 2018 17:58:12 -0700 (PDT)
Received: from mail-oi0-f41.google.com (mail-oi0-f41.google.com [209.85.218.41]) by linode64.ducksong.com (Postfix) with ESMTPSA id 94F2D3A03B for <doh@ietf.org>; Wed, 20 Jun 2018 20:58:10 -0400 (EDT)
Received: by mail-oi0-f41.google.com with SMTP id 14-v6so1365131oie.3 for <doh@ietf.org>; Wed, 20 Jun 2018 17:58:10 -0700 (PDT)
X-Gm-Message-State: APt69E3nDcR80pEzPQY1fkHVD4rOUDWYodiDcz6sGt4hrFcPwz8ZhelV kRVbpMrOHv9ZfLeMxicRrq5MTPqlp5lgGIXeS4M=
X-Google-Smtp-Source: ADUXVKLzUHZvr2otUEUJd2qTrE1wloFuicgZECueyDKGV1myWL0fe4Zqg3YrSHHzhaWmL68CpTWe4ZRM8Qs2v3aF9PE=
X-Received: by 2002:aca:acb:: with SMTP id k72-v6mr12274769oiy.132.1529542690340; Wed, 20 Jun 2018 17:58:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a4a:8a32:0:0:0:0:0 with HTTP; Wed, 20 Jun 2018 17:58:09 -0700 (PDT)
In-Reply-To: <a8f12fe6-57d8-70ed-dc68-126c972b75f4@riseup.net>
References: <CAOdDvNpY4NpvSKW_D__jztDD_wkaRsJna9L+Br+hdnDnQ8w5SQ@mail.gmail.com> <a8f12fe6-57d8-70ed-dc68-126c972b75f4@riseup.net>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Wed, 20 Jun 2018 20:58:09 -0400
X-Gmail-Original-Message-ID: <CAOdDvNrfQuN4ePV2qeh9jChmaOhjp9VQWD4xeiNBUgSSJAre5Q@mail.gmail.com>
Message-ID: <CAOdDvNrfQuN4ePV2qeh9jChmaOhjp9VQWD4xeiNBUgSSJAre5Q@mail.gmail.com>
To: nusenu <nusenu-lists@riseup.net>
Cc: DoH WG <doh@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ba136c056f1c68ba"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/XxbpNRfhDrMqBbTxEP1gKr9Gt_Q>
Subject: Re: [Doh] New Privacy Considerations Section Proposal
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jun 2018 00:58:14 -0000

Hi Nusenu,

On Wed, Jun 20, 2018 at 8:06 PM, nusenu <nusenu-lists@riseup.net> wrote:

>
> It does not introduce new concerns when compared with HTTPS
> but it does introduce new privacy converns when compared with
> DNS over UDP, TCP or TLS (RFC7858),
>

I started to go down this path, but it pretty quickly became clear that
comprehensive treatment of this kind of comparison is a different document
- though I think describing things in layers does a decent job of pointing
out where these various properties come into play. DoH needs to describe
the properties of DoH.. the proposed text certainly doesn't try and hide
from the fingerprintability of the http system doh is using.


The IP layer paragraph includes mitigations, the paragraphs about
> the other layers are missing mitigations.
>
>
those mitigations are there to provide context/scope to the addressing
problem - not advice on how to mitigate it :) For most of the other
features the mitigation is "don't use it" which of course has a cost.