Re: [Doh] [Ext] Goals of DOH

Ted Lemon <mellon@fugue.com> Tue, 24 April 2018 01:09 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/nHhMquM1rQETsWVhAQgp8zIT3sg>

On Apr 23, 2018, at 8:43 PM, Paul Hoffman <paul.hoffman@icann.org> wrote:
>> Providing confidentiality and connectivity is as well.  Of course, a less provoking way of saying what I said might be "to prevent abuse by network operators," but it's kind of a toss-up.
> 
> It's focusing on a subset of "network operators" and pretending that it is the complete set.

Argh.  No.  When you are examining a threat model, there is no difference between "the network operator could be attacking me in a way I can't detect" and "the network operator _is_ attacking me in a way I can't detect."

The point of what I was saying is not that network operators are evil.  Many of the things that they do to the DNS that DoH would prevent are actually to the benefit of the average end user.

The point also isn't that there is no use for DoH other than subverting the intentions of operators.

But very clearly, that is one of the things that it can do, and it is very clearly stated in the charter as the primary goal.