Re: [Doh] New Privacy Considerations Section Proposal

Ted Hardie <ted.ietf@gmail.com> Thu, 21 June 2018 17:44 UTC

In-Reply-To: <CAOdDvNrV7ue7oG4QcuU4vcWH4XTQCm67QEb+XFavrgway3TQzw@mail.gmail.com>
References: <CAOdDvNpY4NpvSKW_D__jztDD_wkaRsJna9L+Br+hdnDnQ8w5SQ@mail.gmail.com> <CA+9kkMDt03Uv6UvtZw=mvo=+6dprGqUDMkC7Ef6bd=kb6vX_Fg@mail.gmail.com> <CAOdDvNrjZu-q63DUhNjf7fYjNux2ewv4DTZkGPvFRrGfBBJFMA@mail.gmail.com> <c67dc5cb-f6a5-4352-da59-71c4bb9ff98b@nostrum.com> <fc01b1ca-c0ca-88af-abf4-5fcfc1d954a3@symas.com> <CAOdDvNrV7ue7oG4QcuU4vcWH4XTQCm67QEb+XFavrgway3TQzw@mail.gmail.com>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Thu, 21 Jun 2018 10:43:51 -0700
Message-ID: <CA+9kkMBV3dx-GgqHTpQdCYuPcs3KNXOkOWbHWaE33QFY9yfYig@mail.gmail.com>
To: Patrick McManus <pmcmanus@mozilla.com>
Cc: Howard Chu <hyc@symas.com>, Adam Roach <adam@nostrum.com>, DoH WG <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/fRELnlhKNb84qqf7bD3aIygxtVw>

On Thu, Jun 21, 2018 at 5:57 AM, Patrick McManus <pmcmanus@mozilla.com>
wrote:

>
>
> On Thu, Jun 21, 2018 at 7:22 AM, Howard Chu <hyc@symas.com> wrote:
>
>>
>> I would expect this to be the common case - most of the time, clients'
>> HTTP(s) traffic will be to a wide variety of web servers, but only a single
>> DNS/DoH serve
>
>
> I strongly disagree with the viewpoint that DoH clients and servers are
> dedicated only to DoH. The granularity of DoH is a URI (configured via a
> template).
>
> I understand that the use case of "use HTTPS's port and ALPN" to do
> something akin to DNS-over-TLS is the attractive use case for some. But
> we're using HTTP and trying to align with the ecosystem.
>

There is more than one HTTP ecosystem, and forcing some use cases to behave
as if they are using it differently does not make sense.  A DOH-only
request stream does not need to send information on accept-language; why
would it do so?

Ted

> It's not a tunnel. The introduction discusses some of this directly, and
> some other text addresses it obliquely. Note that a server may support more
> than one URI and that we jettisoned the .well-known of an earlier draft.
> That's all because URIs are the granularity of HTTP and that is also the
> scope of DoH.