Re: [Doh] Mozilla's plans re: DoH

Adam Roach <> Fri, 29 March 2019 20:02 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 183B812032A for <>; Fri, 29 Mar 2019 13:02:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.679
X-Spam-Status: No, score=-1.679 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)"
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 4O3qojXM_vQJ for <>; Fri, 29 Mar 2019 13:02:28 -0700 (PDT)
Received: from ( [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 2153A120327 for <>; Fri, 29 Mar 2019 13:02:27 -0700 (PDT)
Received: from Orochi.local ([]) (authenticated bits=0) by (8.15.2/8.15.2) with ESMTPSA id x2TK2JeL027394 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Fri, 29 Mar 2019 15:02:22 -0500 (CDT) (envelope-from
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;; s=default; t=1553889743; bh=FhYWDktojLbf52iYE/Jxbp0/xbOue3xgpOtercRqx58=; h=Subject:To:References:From:Date:In-Reply-To; b=Car98IluFmSL506gpBkyW0/Ssg/VO/GhOP9rxmIqnVcbFYQlNxhWJgM3FIg1HLXgH UAiWWLt1delAaj3XWYNNZ+BwHcHAODqG6iw2+spkKBswP+kHt2iBoyRtm8VUraQ3j3 HwIVUmIyEps4lH0KiaBk8q0gsWH84a1qIjEKPBdo=
X-Authentication-Warning: Host [] claimed to be Orochi.local
To: "Livingood, Jason" <>, Eric Rescorla <>, DoH WG <>
References: <> <>
From: Adam Roach <>
Message-ID: <>
Date: Fri, 29 Mar 2019 21:02:19 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <>
Subject: Re: [Doh] Mozilla's plans re: DoH
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 29 Mar 2019 20:02:30 -0000

On 3/29/19 19:30, Livingood, Jason wrote:
>> [2] Many networks redirect NXDOMAIN to a search/advertising page.
> [JL] This is a reply on this somewhat minor point because NXDOMAIN was also raised at the side meeting. I wonder if folks have more specific references to networks that are *currently* engaged in NXDOMAIN redirection.

I can get you the specific IP addresses returned once I'm back home, but 
I know with absolute certainty that AT&T (Uverse) and T-Mobile both 
perform such interception. I'm *pretty* certain that Spectrum does as 
well, although I'll have to double-check this to be 100% sure.

I see evidence that Verizon does so as well, at least based on

I see that Comcast turned its DNS hijacking off back in 2012. I fear 
this makes Comcast fairly unique within the US.