Re: [Doh] Mozilla's plans re: DoH

Adam Roach <adam@nostrum.com> Fri, 29 March 2019 20:02 UTC

Return-Path: <adam@nostrum.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 183B812032A for <doh@ietfa.amsl.com>; Fri, 29 Mar 2019 13:02:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.679
X-Spam-Level:
X-Spam-Status: No, score=-1.679 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, T_SPF_HELO_PERMERROR=0.01, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=nostrum.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4O3qojXM_vQJ for <doh@ietfa.amsl.com>; Fri, 29 Mar 2019 13:02:28 -0700 (PDT)
Received: from nostrum.com (raven-v6.nostrum.com [IPv6:2001:470:d:1130::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2153A120327 for <doh@ietf.org>; Fri, 29 Mar 2019 13:02:27 -0700 (PDT)
Received: from Orochi.local ([62.168.35.69]) (authenticated bits=0) by nostrum.com (8.15.2/8.15.2) with ESMTPSA id x2TK2JeL027394 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Fri, 29 Mar 2019 15:02:22 -0500 (CDT) (envelope-from adam@nostrum.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nostrum.com; s=default; t=1553889743; bh=FhYWDktojLbf52iYE/Jxbp0/xbOue3xgpOtercRqx58=; h=Subject:To:References:From:Date:In-Reply-To; b=Car98IluFmSL506gpBkyW0/Ssg/VO/GhOP9rxmIqnVcbFYQlNxhWJgM3FIg1HLXgH UAiWWLt1delAaj3XWYNNZ+BwHcHAODqG6iw2+spkKBswP+kHt2iBoyRtm8VUraQ3j3 HwIVUmIyEps4lH0KiaBk8q0gsWH84a1qIjEKPBdo=
X-Authentication-Warning: raven.nostrum.com: Host [62.168.35.69] claimed to be Orochi.local
To: "Livingood, Jason" <Jason_Livingood@comcast.com>, Eric Rescorla <ekr@rtfm.com>, DoH WG <doh@ietf.org>
References: <CABcZeBOk5bM+3G2Jd3Lu33Z08gc=AeoZ8UFHzN6AYk4f_hjZ8Q@mail.gmail.com> <9E5DEDE1-14C1-48AA-B2EC-85A8CC20CBE7@cable.comcast.com>
From: Adam Roach <adam@nostrum.com>
Message-ID: <9ce6777e-5957-c5a9-78d2-977c446dd67f@nostrum.com>
Date: Fri, 29 Mar 2019 21:02:19 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <9E5DEDE1-14C1-48AA-B2EC-85A8CC20CBE7@cable.comcast.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/Y187twq4F10iAz0Ylj8FDhvvgvU>
Subject: Re: [Doh] Mozilla's plans re: DoH
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Mar 2019 20:02:30 -0000

On 3/29/19 19:30, Livingood, Jason wrote:
>> [2] Many networks redirect NXDOMAIN to a search/advertising page.
> [JL] This is a reply on this somewhat minor point because NXDOMAIN was also raised at the side meeting. I wonder if folks have more specific references to networks that are *currently* engaged in NXDOMAIN redirection.


I can get you the specific IP addresses returned once I'm back home, but 
I know with absolute certainty that AT&T (Uverse) and T-Mobile both 
perform such interception. I'm *pretty* certain that Spectrum does as 
well, although I'll have to double-check this to be 100% sure.

I see evidence that Verizon does so as well, at least based on 
https://www.verizon.com/support/residential/internet/home-network/settings/opt-out-of-dns-assist

I see that Comcast turned its DNS hijacking off back in 2012. I fear 
this makes Comcast fairly unique within the US.

/a