Re: [Resolverless-dns] Paper on Resolver-less DNS

"John Levine" <johnl@taugh.com> Mon, 19 August 2019 17:17 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: resolverless-dns@ietfa.amsl.com
Delivered-To: resolverless-dns@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55DFA120043 for <resolverless-dns@ietfa.amsl.com>; Mon, 19 Aug 2019 10:17:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.751
X-Spam-Level:
X-Spam-Status: No, score=-1.751 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=OW5qswLA; dkim=pass (1536-bit key) header.d=taugh.com header.b=EmyvckJ/
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CAlQMzCVntOw for <resolverless-dns@ietfa.amsl.com>; Mon, 19 Aug 2019 10:17:16 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6903B12004C for <resolverless-dns@ietf.org>; Mon, 19 Aug 2019 10:17:16 -0700 (PDT)
Received: (qmail 66804 invoked from network); 19 Aug 2019 17:17:13 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=104ee.5d5ad999.k1908; i=printer-iecc.com@submit.iecc.com; bh=2cz4akSYR/Vn44vLIaJZLoCaW/QPh+pp+yYRWBv7Ifs=; b=OW5qswLAJbrikQGlzod+yyYHwyMqupNpV2i6nzKVp60vDtMODs4H1QvQHunW40BlEEsOP5o832GcMHAtTnoo15OuknL5UFyaA+2PpdG02N4iPzdHLM6PxMsapkiMDPTc6/OodAEtfINMeE/DcUTBbi5FOwwSzZ+ltXA5xqHoB6jK/6wfM8T6Ko0t1q42lsoE3AJtTtZ1wrGox5xjSXW6KDPw7ng4CyETefVMq0SoBlGANhlG+3QGinAHDd5QLLz8
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=104ee.5d5ad999.k1908; olt=printer-iecc.com@submit.iecc.com; bh=2cz4akSYR/Vn44vLIaJZLoCaW/QPh+pp+yYRWBv7Ifs=; b=EmyvckJ/cGwNj40z27ZkZAFnIuOhgl21IYVzqE0xABuPZWvsDaie5cXYU5Yc1RhZVZm/s/b+ibM1pNcJJn+0oyqQqUJ1x24sarC24aJBSyRS3AjTVNmwECvUNubfxw/VGJtURdsttAqflW7MvzKLo9YONEiQkwqNpnAcqAIajlxta6LxPNuZ8E6lSRBNNeTiiFZdGwz68YVdV3ilQtZ0LblvBUn8Ww58ns0zbGBXlitwf2XNY/4JJ0SMKG5yvbhP
Received: from ary.qy ([64.246.232.221]) by imap.iecc.com ([64.57.183.75]) with ESMTPSA (TLS1.2 ECDHE-RSA AES-256-GCM AEAD, printer@iecc.com) via TCP; 19 Aug 2019 17:17:13 -0000
Received: by ary.qy (Postfix, from userid 501) id 389EF880252; Mon, 19 Aug 2019 13:17:12 -0400 (EDT)
Date: 19 Aug 2019 13:17:12 -0400
Message-Id: <20190819171713.389EF880252@ary.qy>
From: "John Levine" <johnl@taugh.com>
To: resolverless-dns@ietf.org
Cc: sy@informatik.uni-hamburg.de
In-Reply-To: <0b18b804-7ebb-bb57-917e-2a9ba5190b2b@informatik.uni-hamburg.de>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/resolverless-dns/PHtchpRovyhOFEsI9i178L_vto8>
Subject: Re: [Resolverless-dns] Paper on Resolver-less DNS
X-BeenThere: resolverless-dns@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Resolverless DNS <resolverless-dns.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/resolverless-dns>, <mailto:resolverless-dns-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/resolverless-dns/>
List-Post: <mailto:resolverless-dns@ietf.org>
List-Help: <mailto:resolverless-dns-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/resolverless-dns>, <mailto:resolverless-dns-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Aug 2019 17:17:17 -0000

In article <0b18b804-7ebb-bb57-917e-2a9ba5190b2b@informatik.uni-hamburg.de> you write:
>The authors describe this limitation in their paper. In detail, some
>privacy policies are too generic and lack specific information about
>what DNS query data was collected, used and stored. Nonetheless, the
>authors concluded that the privacy policies of several DNS resolvers
>allow using DNS queries to aggregate user data for advertising.

Indeed, but since the authors clearly didn't understand what they were
talking about, this remains unhelpful.  It's hypothetically possible
that, say, Google uses query data from 8.8.8.8 to target ads, but
in the absence of a lot of other user data like logging in from a Chrome
browser it's hard to see how it would be more than a very weak signal
in an environment full of strong signals.

>indication for the mentioned privacy issue than a description in the
>privacy policy. However, I'm not aware of prior empirical research work
>in that direction.

Neither am I, so I don't understand why anyone makes assertions about
what they do.

R's,
John