Re: [Doh] [Ext] A question of trust (was Re: Draft -09 and WGLC #2)

Andrew Sullivan <ajs@anvilwalrusden.com> Thu, 31 May 2018 15:11 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D66C012E877 for <doh@ietfa.amsl.com>; Thu, 31 May 2018 08:11:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=yitter.info header.b=PT8N/u62; dkim=pass (1024-bit key) header.d=yitter.info header.b=cEa8j6pP
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x7TtPh8IpeQ1 for <doh@ietfa.amsl.com>; Thu, 31 May 2018 08:11:57 -0700 (PDT)
Received: from mx4.yitter.info (mx4.yitter.info [159.203.56.111]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14A94126CB6 for <doh@ietf.org>; Thu, 31 May 2018 08:11:57 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mx4.yitter.info (Postfix) with ESMTP id 69839BDEF9 for <doh@ietf.org>; Thu, 31 May 2018 15:11:56 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1527779516; bh=s2+RNyrCWSDURhzbGkwqjgm8taMVOm9YaSVVhxGNQls=; h=Date:From:To:Subject:References:In-Reply-To:From; b=PT8N/u62xxqIvZVc8+CPtwIRLYbdGaPLrGw0IC4MxEAk5TrPwY8l8X18+DqSc8gXQ n26tXgIHfX2V32SVHMpr2jILv2AKGTVMH3NOgKKaWFmzBbXrYqRBn1LwGFmPIMcrEI qAbbUMYrnvzlrsRlbuQJ17qX57TNUNEIo4GhGt/o=
X-Virus-Scanned: Debian amavisd-new at crankycanuck.ca
Received: from mx4.yitter.info ([127.0.0.1]) by localhost (mx4.yitter.info [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qsS8EgQ4zwbC for <doh@ietf.org>; Thu, 31 May 2018 15:11:55 +0000 (UTC)
Date: Thu, 31 May 2018 11:11:51 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yitter.info; s=default; t=1527779515; bh=s2+RNyrCWSDURhzbGkwqjgm8taMVOm9YaSVVhxGNQls=; h=Date:From:To:Subject:References:In-Reply-To:From; b=cEa8j6pPpsnPzUE1s/fBWCrRvqOjBWtyl6HgpKR8UyHHEJ/R8SIT9qltMdEdqB8Gr 0OUus9PUs5Ae93zo78S3M6MZp751BFIUcmwbpSjg8uph36gcKztHOWlHoKIoumohgW 3IcL/xM54V1CZ8O5+UO3bZ251kDLY4Ow5A9aJDCQ=
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: doh@ietf.org
Message-ID: <20180531151151.GA3060@mx4.yitter.info>
References: <CA9BEE64-9F16-4CCC-A1E0-4C7FD45C455C@icann.org> <20180528161043.GB12038@mx4.yitter.info> <CABkgnnV3kKFCzKLfPf_0WZh95jr2vEt652Rb4EozfqROCVsJdA@mail.gmail.com> <CAOdDvNrPU9WM3WgcX1AVF39D3bGdxCKgPAF_afhfv2Qt0pZR5g@mail.gmail.com> <DB7D40D6-455A-48DD-AB98-DF2CF0866222@sinodun.com> <CAOdDvNopKvs18jQizgyiAQq8UyB4GwdqyXfXPa+25pNrxWg8pA@mail.gmail.com> <20180530143833.GB3110@mx4.yitter.info> <197F1CB0-DFA5-4720-94E0-223D708B0D79@icann.org> <3920ACC9-D167-4E2C-88E7-7A2AB317EA16@sinodun.com> <33BE0098-C168-4B75-9B8F-D31AB45749AA@icann.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <33BE0098-C168-4B75-9B8F-D31AB45749AA@icann.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/zYrFbz_uzegQqcjd9IESlskuO_M>
Subject: Re: [Doh] [Ext] A question of trust (was Re: Draft -09 and WGLC #2)
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 May 2018 15:11:59 -0000

Hi,

On Thu, May 31, 2018 at 01:46:21PM +0000, Paul Hoffman wrote:
> 
> Without a discussion here on proposed text about what either of you
> think configuration is,

I just think it needs to be clear about what is and isn't covered by
configuration: is autoconf in or out?  One possibility is that it's
supposed to be out, and then something like "explicit configuration,
excluding any autoconfiguration" would be ok.  But I think some people
aren't going to like that.  I suspect that we haven't made up our
minds about this; but it won't do to leave an ambiguity just because
we can't make up our minds.  Readers of this document will need to
know whether only a user may on purpose set up the use of some URI, or
whether the user may configure the system to get stuff automatically
and thereby learn about (and subsequently use) a DNS API server.

The reason I'm on about this is because I can't tell what the
consequences are of the configuration being out of band.  If it just
means, "A user needed to go into their system and directly configure
some URI," then it seems plain the user gets to make an explicit
decision.  But if you can autoconfigure, then that has different
consequences (e.g. maybe you got the URI from your hotspot signon
portal, and now a random hotspot can partly alter your resolution
settings even after you've changed networks).  It's ok with me that we
might want to punt this to DRIU or something, but it needs to be
crystal clear what meaning of "configuration" is intended.

Does this make my concern clearer?

Best regards,

A
-- 
Andrew Sullivan
ajs@anvilwalrusden.com