Re: [Doh] [Ext] Re: Use cases and URLs

Mark Nottingham <> Wed, 07 March 2018 22:46 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 7772B12D886 for <>; Wed, 7 Mar 2018 14:46:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.72
X-Spam-Status: No, score=-2.72 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key) header.b=eHmZtov/; dkim=pass (2048-bit key) header.b=N3DGCQyW
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wKhOJh9OkFvs for <>; Wed, 7 Mar 2018 14:46:25 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id CBF1A127419 for <>; Wed, 7 Mar 2018 14:46:25 -0800 (PST)
Received: from compute3.internal (compute3.nyi.internal []) by mailout.nyi.internal (Postfix) with ESMTP id C9A0521023; Wed, 7 Mar 2018 17:46:24 -0500 (EST)
Received: from frontend1 ([]) by compute3.internal (MEProxy); Wed, 07 Mar 2018 17:46:24 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; h=cc :content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm2; bh=ZVoHQ6QCqOsT9AwwX+i+IguDcVu/L YwOViMuV9YfDF0=; b=eHmZtov/lO9nAm+3rrDUer3AHpqTAmSGSFj6LjfujPshE 3+b5Ci4bf298dFj32pdpUBADQETBPXU+BQfOf+9l5yLOvCzMkIOya4LawY5TL15k Pm7ntSn6crXFh2oymHyo3x4hzH4jv6Xnw68qPbanFjUSlng7ukGMf87Z6Kh0pQ4Z WaAHxIgvxsU5lKVJPiGwkdPBYySJBrv4oYvXnf9Z5gMKnysxxnrPGL+sOEOJSS9o Fkd2A7YT8QARQ+tjjz/XveYgdtBZEEttttCCHmWxqDc0f4ve+3NdoBPB93JquoZF 6YWgZV7T+TuaHTDCMMeA5z+20bbONza1rSRLiKetw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=ZVoHQ6 QCqOsT9AwwX+i+IguDcVu/LYwOViMuV9YfDF0=; b=N3DGCQyWdu5SuCj+IEp6mK JfzKUO6kHMntTGJVJylUBqMr7vTYefAulMYlT1bUnFOfZMxHlj4zH4F7ickky3Ih mg7dnXmu7Ha7XiJSrCHNUFBpF77UrMSy+CSY0EMYTzkApNumi/cUZ/i8VEArzywU UkqqBY0V0KHPYQx9pJZ++ZjaNysxq5x/THU6PoD8o5hNqagI31TM4ITkkq/8rYhh uAQjrch1tRkvbeJXP2xtQTUGAqEvfG6YjZYcIbjAlL8qgzNiPJvloL+nrbD+w8D1 dHr/N/Zg2/AHUyCCAze1jdsw7jl49W9LHn3EIWpYYr8Gdc8miIcE5l5G4wb2cx8w ==
X-ME-Sender: <xms:wGugWsikVwmUf-XsEP-MSsZkEVQ8WDGnyKQAi9DgdjsyEaCpz10nDQ>
Received: from [] (unknown []) by (Postfix) with ESMTPA id C5BCF7E3C6; Wed, 7 Mar 2018 17:46:23 -0500 (EST)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Mark Nottingham <>
In-Reply-To: <>
Date: Thu, 8 Mar 2018 09:46:19 +1100
Cc: "" <>
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
References: <> <> <> <> <>
To: Paul Hoffman <>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <>
Subject: Re: [Doh] [Ext] Re: Use cases and URLs
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS Over HTTPS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 07 Mar 2018 22:46:27 -0000

> On 8 Mar 2018, at 8:30 am, Paul Hoffman <> wrote:
> On Mar 7, 2018, at 1:41 AM, Mark Nottingham <> wrote:
>> Is making it super-easy for non-technical end users to configure a new DNS server a feature or a bug?
> It has been considered a feature for as long as there has been an Internet. That is, every operating system allows users to do this in the operating system. Why should browsers be different?
> The question is parallel to "Is making it super-easy for non-technical end users to configure a new search engine a feature or a bug?". Some parties feel that it is a bug because users will pick a new, crappy search engine based on bad advice. Some parties feel that it is a feature because some search engines have better privacy policies than others, or have better ways of providing results, and so on.

Sure, they're both attack vectors. I note that to configure a new search engine in most browsers, you need to type in what is effectively a URL template.

Also, we don't make decisions based upon what people feel in the IETF -- we decide based upon rough consensus and running code. Is there *any* implementer interest in what you're describing?

Mark Nottingham