Re: [Doh] New: draft-livingood-doh-implementation-risks-issues
Stephane Bortzmeyer <bortzmeyer@nic.fr> Sat, 09 March 2019 18:29 UTC
Return-Path: <stephane@laperouse.bortzmeyer.org>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12BF4130EB9 for <doh@ietfa.amsl.com>; Sat, 9 Mar 2019 10:29:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.001, LOTS_OF_MONEY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l8sfwtn7d9Lo for <doh@ietfa.amsl.com>; Sat, 9 Mar 2019 10:29:14 -0800 (PST)
Received: from ayla.bortzmeyer.org (ayla.bortzmeyer.org [92.243.4.211]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9833F130EC8 for <doh@ietf.org>; Sat, 9 Mar 2019 10:29:13 -0800 (PST)
Received: by ayla.bortzmeyer.org (Postfix, from userid 10) id D2CDAA052F; Sat, 9 Mar 2019 19:29:09 +0100 (CET)
Received: by godin (Postfix, from userid 1000) id D1BB4EC0B08; Sat, 9 Mar 2019 19:28:57 +0100 (CET)
Date: Sat, 09 Mar 2019 19:28:57 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: "Livingood, Jason" <Jason_Livingood@comcast.com>
Cc: DoH WG <doh@ietf.org>
Message-ID: <20190309182857.GA29321@laperouse.bortzmeyer.org>
References: <EA2A119D-06CF-4B0B-8994-86A99CD8AC0B@cable.comcast.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <EA2A119D-06CF-4B0B-8994-86A99CD8AC0B@cable.comcast.com>
X-Transport: UUCP rules
X-Operating-System: Ubuntu 18.04 (bionic)
X-Charlie: Je suis Charlie
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/mnZD36cZBXfR8cltVklOwOZ1Wg8>
Subject: Re: [Doh] New: draft-livingood-doh-implementation-risks-issues
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Mar 2019 18:29:20 -0000
On Sat, Mar 09, 2019 at 01:23:56AM +0000, Livingood, Jason <Jason_Livingood@comcast.com> wrote a message of 1765 lines which said: > FYI that this document has posted. I have requested 10 mins of > agenda time in the DOH WG at IETF 104. A few remarks (summary: a real issue but the draft obscures it, by piling a lot of questionable arguments, and by lacking rigor in separating DoH from the general issue of public DNS resolvers). > Separating the Protocol from Implementation Issues There have been already discussions about the need to discuss separately DoH-the-protocol and DoH-the-deployment. For the latter, Bert Hubert <https://blog.powerdns.com/2019/02/07/the-big-dns-privacy-debate-at-fosdem/> suggested DoC (DNS-over-Cloud). > Network operators, ranging from ISPs to enterprises, schools, and > others work hard to provide outstanding DNS and network performance, Nice but clearly false. One of the reasons why many users switch to public DNS resolvers is because many local networks and ISP do a lousy job (specially in some parts of the world). Not to mention those who simply announce 8.8.8.8 trough DHCP... > In addition, most also provide DNS-based services such as opt-in > parental controls for consumers or malware/security protection in > enterprises, content filtering in schools, etc. "most"? I doubt it. Source? > the current Centralized DoH implementation model does not appear to > make it possible for these operators to continue to play a value > added role in the delivery of network services Some people may consider that this is not something we want from the ISPs. "value added" is often the code word for violations of network neutrality. > with 30 companies being responsible for 30% of global traffic A very questionable metric. If you care only about bytes, video providers will always win. But other metrics could be used: is a video of a cute kitten more important than a PDF document which is a multi-million dollars contract? > The Dyn attack provides a vivid illustration of how DNS > infrastructure vulnerabilities - and DNS space concentration - can > wreak havoc on the stability of the Internet." Is it really relevant, since it was an attack on authoritative DNS servers? Having lot of local resolvers would not have changed its consequences. > DNS blocklists, which are one of the primary and most effective ways > to protect a network and its users against malware, phishing, spam, > DDoS attacks, etc. Can you explain how a blocklist on the DNS resolver protects against spam and dDoS? > Loss of Parental Controls or other Content Controls The draft seems to assume that lying DNS resolvers are a good thing (politically and technically) but I don't think there is an IETF consensus here. > Disruption of Legally-Mandated National-Level DNS Blocks It think it is a feature of DoH, not a bug. In Europe, for instance, many users switch to public DNS resolvers precisely to be able to bypass the lying resolver. > Smaller DNS Labor Market Certainly we, at the IETF, don't work just to preserve our jobs! Really, you pile way too many arguments to kill "centralized DoH", and some are really weak. > This document makes the following recommendations The most important is missing: help developers to create DoH servers that can be easily installed and managed so, instead of a few DoH providers, we can have many of them. (Currently, there is no easy way to download and install a DoH server.) > ICANN legal department assessment: > ICANN currently required Generic Top Level Domain (gTLD) operators > to meet certain technical criteria, as noted in Specification 6, > Part 1.1 of their Registry Agreement [48]. ICANN may need to > consider whether those DNS operators should or must add support for > DoT and/or DoH in the future Besides the fact that ICANN already suffers from a serious mission creep, gTLD operators operate authoritative servers so I don't see why you mention DoH or DoT, which are currently only for the stub-to-resolver link. > Develop Centralized DoH Data Privacy Guidelines/Frameworks draft-reid-operator-doh draft-dickinson-bcp-op draft-dickinson-doh-dohpe
- [Doh] New: draft-livingood-doh-implementation-ris… Livingood, Jason
- Re: [Doh] New: draft-livingood-doh-implementation… Stephane Bortzmeyer
- Re: [Doh] New: draft-livingood-doh-implementation… Ralf Weber
- Re: [Doh] New: draft-livingood-doh-implementation… Stephane Bortzmeyer
- Re: [Doh] New: draft-livingood-doh-implementation… Stephen Farrell
- Re: [Doh] New: draft-livingood-doh-implementation… Eliot Lear
- Re: [Doh] New: draft-livingood-doh-implementation… Stephen Farrell
- Re: [Doh] [EXTERNAL] Re: New: draft-livingood-doh… Livingood, Jason
- Re: [Doh] [EXTERNAL] Re: New: draft-livingood-doh… Livingood, Jason
- Re: [Doh] New: draft-livingood-doh-implementation… Livingood, Jason
- Re: [Doh] New: draft-livingood-doh-implementation… Ralf Weber
- Re: [Doh] New: draft-livingood-doh-implementation… Stephane Bortzmeyer
- Re: [Doh] New: draft-livingood-doh-implementation… Stephane Bortzmeyer
- Re: [Doh] [EXTERNAL] Re: New: draft-livingood-doh… Livingood, Jason
- Re: [Doh] New: draft-livingood-doh-implementation… Eliot Lear