IETF Logo Mail Archive

Re: [Doh] New Privacy Considerations Section Proposal

Sara Dickinson <sara@sinodun.com> Thu, 21 June 2018 13:57 UTC

Return-Path: <sara@sinodun.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 510861310D1 for <doh@ietfa.amsl.com>; Thu, 21 Jun 2018 06:57:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7o0t3t26UvSr for <doh@ietfa.amsl.com>; Thu, 21 Jun 2018 06:56:58 -0700 (PDT)
Received: from balrog.mythic-beasts.com (balrog.mythic-beasts.com [IPv6:2a00:1098:0:82:1000:0:2:1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 067951310E6 for <doh@ietf.org>; Thu, 21 Jun 2018 06:56:58 -0700 (PDT)
Received: from [62.232.251.194] (port=21146 helo=[192.168.12.23]) by balrog.mythic-beasts.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <sara@sinodun.com>) id 1fW04x-00074n-NZ; Thu, 21 Jun 2018 14:56:55 +0100
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.4 \(3445.8.2\))
From: Sara Dickinson <sara@sinodun.com>
In-Reply-To: <CAOdDvNqQVDn3SVpPNwm4bj63dps41x7EPu3VENGYUdAVh0cDxQ@mail.gmail.com>
Date: Thu, 21 Jun 2018 14:56:50 +0100
Cc: nusenu <nusenu-lists@riseup.net>, DoH WG <doh@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <60056EED-498C-4E85-85A0-48A646FE04DC@sinodun.com>
References: <CAOdDvNpY4NpvSKW_D__jztDD_wkaRsJna9L+Br+hdnDnQ8w5SQ@mail.gmail.com> <a8f12fe6-57d8-70ed-dc68-126c972b75f4@riseup.net> <CAOdDvNrfQuN4ePV2qeh9jChmaOhjp9VQWD4xeiNBUgSSJAre5Q@mail.gmail.com> <9fe2b4d7-14a7-934d-cd38-a7396dfec48a@riseup.net> <CAOdDvNqQVDn3SVpPNwm4bj63dps41x7EPu3VENGYUdAVh0cDxQ@mail.gmail.com>
To: Patrick McManus <pmcmanus@mozilla.com>
X-Mailer: Apple Mail (2.3445.8.2)
X-BlackCat-Spam-Score: 4
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/_j6WdOSG3ukvWqckzsqRTMGSuM0>
Subject: Re: [Doh] New Privacy Considerations Section Proposal
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jun 2018 13:57:10 -0000


> On 21 Jun 2018, at 13:57, Patrick McManus <pmcmanus@mozilla.com> wrote:
> 
> 
> DoH uses and requires HTTP but does not redefine it. DoH is not a mere tunnel for DNS and applications should leverage what features fit their needs. The specification(s) for those features are where you need to look to make a decision or you turn things over to a library.

One further issue - RFC7626 (DNS Privacy considerations) is currently an informative reference. If the draft  is going to argue that all implementors must make their own decision about balancing HTTP functionality against privacy then RFC7626 is a document they should be required to read. I think this should be a normative reference.

Nit: Section 2.5 in that document is called ‘In the server’ not ‘On the server’ as in the current PR text. 

Sara.

v2.23.0 | Report a Bug | By Email