Re: [Doh] GDPR and DoH

Christian Huitema <huitema@huitema.net> Sat, 06 April 2019 23:39 UTC

Cc: Adam Roach <adam@nostrum.com>, DoH WG <doh@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Brian Dickson <brian.peter.dickson@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/yVOXkVCX862t6cF3B9fOybwv8kQ>
List-Id: DNS Over HTTPS <doh.ietf.org>

 

> On Apr 6, 2019, at 4:10 PM, Brian Dickson <brian.peter.dickson@gmail.com> wrote:
> 
> For the other cases, I agree with Jim and Watson. I wanted to make the distinction above, since those are apples and oranges (rooted in changing the DNS provider, irrespective of anything else).

As a general principle, we could certainly agree that the flow of DNS requests provides lots of sensitive information about the usage of the device, including means of identifying the user. So yes, the choice of a specific resolver has important consequences on the user's privacy. As much as possible, the user should be informed of the consequences and able to choose.

But then, the choice of staying with the default network configuration also has consequences. And it has different consequences on different networks. So ideally the user should be informed of these consequences too and given a choice. 

-- Christian Huitema