Re: [Doh] [Ext] Are we missing an architecture? (was Re: DNS Camel thoughts: TC and message size)

Patrick McManus <> Wed, 13 June 2018 21:59 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8986A130E97 for <>; Wed, 13 Jun 2018 14:59:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.234
X-Spam-Status: No, score=-1.234 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Nyu5yS4kHwEL for <>; Wed, 13 Jun 2018 14:59:03 -0700 (PDT)
Received: from ( [IPv6:2600:3c02::f03c:91ff:fe6e:e8da]) by (Postfix) with ESMTP id 6B3C7130E96 for <>; Wed, 13 Jun 2018 14:59:03 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTPSA id 388DE3A05C for <>; Wed, 13 Jun 2018 17:59:02 -0400 (EDT)
Received: by with SMTP id a141-v6so3795194oii.8 for <>; Wed, 13 Jun 2018 14:59:02 -0700 (PDT)
X-Gm-Message-State: APt69E1gzCtW9FBxWxOc0ujCrwtzaGygr/MJ9u8MbCeTTM1V2hRR+aBP OitMs7jauhV1MSo53MHUoce75aPp7T+yzFcDOFI=
X-Google-Smtp-Source: ADUXVKIIzUKs9Trra1KcNFr+78rzX9desDRtCjSMtmb7oKSAKX7cWZOisZRsjrtMeYwBDdB5XHDZbT7QKjrvMd7YEuk=
X-Received: by 2002:aca:41d6:: with SMTP id o205-v6mr5634744oia.38.1528927141895; Wed, 13 Jun 2018 14:59:01 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a4a:8a32:0:0:0:0:0 with HTTP; Wed, 13 Jun 2018 14:59:01 -0700 (PDT)
In-Reply-To: <20180613205637.GA23215@jurassic>
References: <> <> <> <> <> <> <> <> <20180613192030.GA2792@jurassic> <> <20180613205637.GA23215@jurassic>
From: Patrick McManus <>
Date: Wed, 13 Jun 2018 14:59:01 -0700
X-Gmail-Original-Message-ID: <>
Message-ID: <>
To: Mukund Sivaraman <>
Cc: Ben Schwartz <>, =?UTF-8?B?UGV0ciDFoHBhxI1law==?= <>, DoH WG <>
Content-Type: multipart/alternative; boundary="0000000000002e22a1056e8d17ba"
Archived-At: <>
Subject: Re: [Doh] [Ext] Are we missing an architecture? (was Re: DNS Camel thoughts: TC and message size)
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 13 Jun 2018 21:59:06 -0000

> DoH is not even an RFC yet and there has been an announcement from
> Mozilla that by default all its DNS queries will be sent to Cloudflare
> via DoH, and this is the default behavior that's all within the Firefox
> application. Is anybody else concerned about the Firefox DoH
> announcement?
You are overstating the announcement greatly. We're running some fairly
small experiments to see how this works. It has gotten a bit more publicity
than something at this scale normally does because its important to let
impacted users know how their data flow is changing - that's all. I hope it
makes for a better protocol.

This is part of the process of data driven decision making. sometimes known
as running  code - and it makes for successful protocols when the IETF does
it right. I'm happy to say that open standards are an important part of our
mission and we're confident that we won't accidentally create defacto
standards from Internet Drafts - that's something we think carefully about
and have done well managing with HTTP and TLS over the last few years (of
which we have shipped dozes on draft versions to much bigger populations in
service of creating the final consensus product) and I'm confident we'll be
fine aligning with the final DoH as well.

on the other hand, as I've told the HTTP WG on many occasions: this forum
is for open standards, its not the room I make product specific decisions
in (nor would I expect other participants to negotiate their product
decisions with me).