Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients

Eliot Lear <lear@cisco.com> Mon, 11 March 2019 18:18 UTC

From: Eliot Lear <lear@cisco.com>
Message-Id: <36C6BE4B-5919-4658-9AF1-AB1572E5999C@cisco.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_295A2059-7727-4DA6-A31E-32969A940D0C"; protocol="application/pgp-signature"; micalg="pgp-sha256"
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Date: Mon, 11 Mar 2019 19:18:38 +0100
In-Reply-To: <76386691-c1aa-c48a-9b0d-67eb36a08a4f@redbarn.org>
Cc: nalini elkins <nalini.elkins@e-dco.com>, "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@mcafee.com>, "doh@ietf.org" <doh@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, "Ackermann, Michael" <mackermann@bcbsm.com>, Christian Huitema <huitema@huitema.net>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Paul Vixie <paul@redbarn.org>
References: <1700920918.12557.1552229700654@appsuite.open-xchange.com> <7667c4d7-2e78-0a27-84af-cf1c00fd4897@cs.tcd.ie> <1991054337.12802.1552259263075@appsuite.open-xchange.com> <eea64b30-aad0-a030-5360-1b1484f1d0e3@huitema.net> <CAPsNn2WhjHSEHJUEL8GB6X0d24fkajgPnY4YgkOQbXjyxb5q8Q@mail.gmail.com> <e62efaf3-4a35-4a52-5ed4-dee2e7fafe72@huitema.net> <69f989ba-0939-b917-b586-9e3af3fb8b74@redbarn.org> <CAPsNn2XNCzgAdfJtxBVboAe+d6sbCiV2fZv9185wm+HN+3zRdg@mail.gmail.com> <BYAPR16MB279065EE519680E7FC9A637CEA480@BYAPR16MB2790.namprd16.prod.outlook.com> <CAPsNn2Up1AtJJCdmu_9NC4jfzc-8dtE+QjUzRxMBUwaN44gvOg@mail.gmail.com> <76386691-c1aa-c48a-9b0d-67eb36a08a4f@redbarn.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/fnFZSpoMuUeA58aJLomkN12-JNE>
Subject: Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients
Precedence: list

Hi Paul,

> On 11 Mar 2019, at 19:12, Paul Vixie <paul@redbarn.org> wrote:
> 
> 
> 
> nalini elkins wrote on 2019-03-11 10:26:
>> Tiru,
>> Thanks for your comments.
>> > Enterprise networks are already able to block DoH services,
> i wonder if everyone here knows that TLS 1.3 and encrypted headers is going to push a SOCKS agenda onto enterprises that had not previously needed one, and that simply blocking every external endpoint known or tested to support DoH will be the cheaper alternative, even if that makes millions of other endpoints at google, cloudflare, cisco, and ibm unreachable as a side effect?

That or it will require a bit more management at the MDM level.  I’m hoping the latter.  And I hope that one output of all of these documents will be a recommendation regarding MDM interfaces.

Eliot

Attachment: signature.asc

Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… nalini elkins
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… nalini elkins
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eliot Lear
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Daniel Stenberg
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eric Rescorla
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
Re: [Doh] [EXTERNAL] [dns-privacy] [DNSOP] New: d… Eliot Lear
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
Re: [Doh] [dns-privacy] [EXTERNAL] [DNSOP] New: d… Konda, Tirumaleswar Reddy
Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephane Bortzmeyer
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephane Bortzmeyer
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Neil Cook
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Eric Rescorla
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Jim Reid
Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Neil Cook
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Jim Reid
Re: [Doh] [dns-privacy] [EXTERNAL] [DNSOP] New: d… Eliot Lear
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Neil Cook
Re: [Doh] [EXTERNAL] Re: [dns-privacy] [DNSOP] Ne… Winfield, Alister
Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Stephane Bortzmeyer
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Ralf Weber
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Michael Sinatra
Re: [Doh] [dns-privacy] New: draft-bertola-bcp-do… Yishai Beeri (yishaib)
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Stephen Farrell
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Mark Andrews
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Wouters
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Paul Wouters
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Vittorio Bertola
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… nalini elkins
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Vittorio Bertola
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Vittorio Bertola
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Christian Huitema
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Eliot Lear
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Haberman
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Raymond Burkholder
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Livingood, Jason
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Brian Dickson
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Christian Huitema
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Brian Dickson
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Michael Sinatra
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Stephen Farrell
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Adam Roach
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Michael Sinatra
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… william manning
Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertol… Watson Ladd
[Doh] GDPR and DoH Jim Reid
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] GDPR and DoH Brian Dickson
Re: [Doh] GDPR and DoH Watson Ladd
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] GDPR and DoH Brian Dickson
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] GDPR and DoH Brian Dickson
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] GDPR and DoH Brian Dickson
Re: [Doh] GDPR and DoH Adam Roach
Re: [Doh] GDPR and DoH Brian Dickson
Re: [Doh] GDPR and DoH Christian Huitema
Re: [Doh] GDPR and DoH Vittorio Bertola
Re: [Doh] GDPR and DoH Jim Reid
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] GDPR and DoH Christian Huitema
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] GDPR and DoH Adam Roach
Re: [Doh] GDPR and DoH Adam Roach
Re: [Doh] GDPR and DoH Jim Reid
Re: [Doh] GDPR and DoH Jim Reid
Re: [Doh] GDPR and DoH Jim Reid
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] GDPR and DoH Vittorio Bertola
Re: [Doh] GDPR and DoH Stephen Farrell
Re: [Doh] [DNSOP] [dns-privacy] New: draft-bertol… Paul Vixie
Re: [Doh] GDPR and DoH S Moonesamy
Re: [Doh] GDPR and DoH Livingood, Jason
Re: [Doh] GDPR and DoH Livingood, Jason

Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients

Attachment: signature.asc