Re: [hrpc] "Paul Vixie and Peter Lowe on Why DoH is Politically Motivated"

Vittorio Bertola <vittorio.bertola@open-xchange.com> Tue, 16 November 2021 16:36 UTC

Date: Tue, 16 Nov 2021 17:36:16 +0100
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: hrpc@irtf.org
Message-ID: <1522915630.55835.1637080576757@appsuite-gw2.open-xchange.com>
In-Reply-To: <CABcZeBMFsozNWN-Stcctr-i=xGd0OchJZj_6szazYAPVdygk8Q@mail.gmail.com>
References: <YZJPwEUqvCvCUVRz@sources.org> <9AB66003-9285-4418-9BC4-9A415F033F26@pch.net> <CABcZeBOoxRMNBwMCMSsTGM_3YgbZs15ZAyxwd61=PhM05QCTRQ@mail.gmail.com> <1440178333.50167.1636999766064@appsuite-gw2.open-xchange.com> <CABcZeBMFsozNWN-Stcctr-i=xGd0OchJZj_6szazYAPVdygk8Q@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/BRO2AT7mG348Bun0nkAUehKv5-s>
Subject: Re: [hrpc] "Paul Vixie and Peter Lowe on Why DoH is Politically Motivated"

> On 15/11/2021 20:20 Eric Rescorla <ekr@rtfm.com> wrote:
> 
> However, at present, it is generally possible to filter DoH because
> DoH and ordinary HTTPS are usually on different hosts and therefore
> you can use SNI. It's true that it's possible to co-host DoH in such a
> way that it is indistinguishable from non-DoH HTTPS traffic, but it is
> *also* possible to co-host DoT and HTTPS in this way, provided that
> (1) you use a non-standard port and (2) you use ECH. The point here is
> that either DoH or DoT can be run in a way that makes it hard to filter
> if that's what you're trying to do.
> 
That's exactly why the difference between DoT and DoH is political way more than technical: I trust you that both may be used in ways that make them hard to block, but for DoT it is an unintended consequence, while for DoH it is an intended objective of the designers, stated in the specification itself and in several public statements.

--

Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com
Office @ Via Treviso 12, 10144 Torino, Italy