Re: [Doh] some privacy ponderings wrt HTTPs and plain DNS

Benno Overeinder <benno@NLnetLabs.nl> Mon, 18 June 2018 21:02 UTC

To: doh@ietf.org
References: <20180618112116.GB9195@server.ds9a.nl> <d137a136-d456-8de2-b682-512edd86b1f7@riseup.net> <E4082C8A-8D16-4F13-82ED-C9F68F66A2A1@sinodun.com> <CAOdDvNrnfxxQ__G_kKn4Fe4jcwcQUZfOb4aNAE6+bjvSrfLcmA@mail.gmail.com> <0D08F629-1719-440D-B4B4-A474CF90B865@sinodun.com> <CAOdDvNrKhV83ZmCX=KWHx49PtFVO2eTzY+GOxjEzEVd6Auj4Nw@mail.gmail.com>
From: Benno Overeinder <benno@NLnetLabs.nl>
Message-ID: <910b8990-d962-ffd1-caa6-591d60e93e7e@NLnetLabs.nl>
Date: Mon, 18 Jun 2018 23:02:11 +0200
In-Reply-To: <CAOdDvNrKhV83ZmCX=KWHx49PtFVO2eTzY+GOxjEzEVd6Auj4Nw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/ree49S64Rei9fctScAMyxvFqUx0>
Subject: Re: [Doh] some privacy ponderings wrt HTTPs and plain DNS
List-Id: DNS Over HTTPS <doh.ietf.org>

On 18/06/2018 20:04, Patrick McManus wrote:
> On Mon, Jun 18, 2018 at 12:36 PM, Sara Dickinson <sara@sinodun.com
> <mailto:sara@sinodun.com>> wrote:
> 
>     Thanks for the list… it certainly provides context to understand
>     that HTTP as a substrate brings a significant overhead (as well as
>     all the benefits of such bells and whistles).
> 
>     So I think what I am hearing here is that the use of DoH effectively
>     comes at the price of accepting that additional overhead and all its
>     potential privacy/tracking issues because in practice it is rather
>     impossible and/or impractical to have ‘bare’ DoH that transmits only
>     as much information about the user as, for example, typical
>     DNS-over-TLS?
> 
> More impractical than impossible - at the extreme, you would be building
> a mere tunnel rather than really building an HTTP application. But it's
> totally appropriate to highlight that there are various tradeoffs that
> can be made by implementations. E.g. Firefox will not accept server
> cookies right now on DoH transactions, nor will it allow authentication.
> But, in a different circumstance, a DoH client might want to use
> cookie-driven auth totally reasonably (imagine a subscription-based DoH
> service) - so it's not something the protocol should prohibit, but we can
> mention it.

Thank you, I would certainly appreciate some wording about the
consideration (or trade-off) between the various implementation
decisions.  I understand it is difficult to cover all variants, but as
you mention above, one can describe the extremes and how these relate
to, for example, privacy considerations used in the DPRIVE WG RFCs and
Internet drafts.

-- Benno

-- 
Benno J. Overeinder
NLnet Labs
https://www.nlnetlabs.nl/
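The two extremes discussed in this thread (a "bare" DoH exchange that carries no more about the user than DNS-over-TLS would, versus a client that accepts cookies and authentication from its resolver) can be made concrete. The Python below is an added example for this archive page; it is not code from the thread, from Firefox, or from any DoH implementation. It builds a DoH GET request in the wire format of the DoH draft (later published as RFC 8484: an RFC 1035 query, base64url-encoded without padding, in the `dns` query parameter), flags request and response headers that would add per-client state or fingerprinting, and models the two client policies Patrick describes. The resolver hostname, the path `/dns-query`, the header lists and the sample response are constructed for the example.

```python
"""Added example: a privacy-minimal ('bare') DoH GET and a check for the
HTTP-layer state (cookies, auth) that a DNS-over-TLS session never carries."""
import base64
import struct
from dataclasses import dataclass


def build_dns_query(qname: str, qtype: int = 1, qid: int = 0) -> bytes:
    """Minimal RFC 1035 wire-format query: one question, RD bit set.
    ID 0 keeps the encoded GET target stable, which makes it cache-friendly."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = qname.rstrip(".").split(".")
    name = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + name + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN


def encode_dns_param(query: bytes) -> str:
    """base64url without '=' padding, the form required for the 'dns' parameter."""
    return base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")


@dataclass(frozen=True)
class DoHClientPolicy:
    """The two extremes from the thread: refuse HTTP state, or rely on it."""
    accept_cookies: bool
    allow_auth: bool


# Like the Firefox behaviour described in the thread: no server cookies, no auth.
BROWSER_DEFAULT = DoHClientPolicy(accept_cookies=False, allow_auth=False)
# A subscription-based DoH service that uses cookie-driven auth.
SUBSCRIPTION_SERVICE = DoHClientPolicy(accept_cookies=True, allow_auth=True)

# Request headers that reveal more about the client than DNS-over-TLS would:
# per-user state (Cookie, Authorization) and fingerprinting (User-Agent).
# Constructed list for this example, not a normative set.
EXTRA_REQUEST_HEADERS = {"cookie", "authorization", "user-agent"}


def audit_request_headers(headers: dict) -> list:
    """Names of request headers a 'bare' DoH client should not be sending."""
    return sorted(h for h in headers if h.lower() in EXTRA_REQUEST_HEADERS)


def build_bare_doh_get(resolver_host: str, path: str, query: bytes,
                       extra_headers: dict = None) -> str:
    """Render the HTTP/1.1 text of a bare DoH GET (Host and Accept only).
    Any extra header that carries client state is rejected up front."""
    headers = {"host": resolver_host, "accept": "application/dns-message"}
    headers.update(extra_headers or {})
    offending = audit_request_headers(headers)
    if offending:
        raise ValueError(f"not a bare DoH request, drop: {offending}")
    request_line = f"GET {path}?dns={encode_dns_param(query)} HTTP/1.1"
    header_lines = [f"{k}: {v}" for k, v in headers.items()]
    return "\r\n".join([request_line] + header_lines) + "\r\n\r\n"


def retained_state(policy: DoHClientPolicy, response_headers: dict) -> dict:
    """Response-supplied state the client would carry into later queries
    under the given policy. Simplification: one Set-Cookie header per response."""
    kept = {}
    for name, value in response_headers.items():
        lname = name.lower()
        if lname == "set-cookie" and policy.accept_cookies:
            kept["cookie"] = value.split(";", 1)[0].strip()
        elif lname == "www-authenticate" and policy.allow_auth:
            kept["auth_challenge"] = value
    return kept


if __name__ == "__main__":
    q = build_dns_query("www.example.com")
    print(build_bare_doh_get("doh.resolver.example", "/dns-query", q))  # constructed host
    # Constructed response: the resolver tries to set a session cookie.
    resp = {"Content-Type": "application/dns-message",
            "Set-Cookie": "session=abc123; Path=/; HttpOnly"}
    print("browser-default keeps:", retained_state(BROWSER_DEFAULT, resp))
    print("subscription keeps:   ", retained_state(SUBSCRIPTION_SERVICE, resp))
```

The request the bare policy produces is the whole HTTP-layer footprint of one query: a path, a base64url query parameter and two headers. Everything beyond that (cookies, auth challenges, a User-Agent) is what the thread refers to as the overhead of HTTP as a substrate, and `retained_state` shows that whether it becomes per-user tracking state is a client policy choice, not something fixed by the protocol.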