Re: [Resolverless-dns] Paper on Resolver-less DNS

Vittorio Bertola <vittorio.bertola@open-xchange.com> Wed, 21 August 2019 08:42 UTC

Return-Path: <vittorio.bertola@open-xchange.com>
X-Original-To: resolverless-dns@ietfa.amsl.com
Delivered-To: resolverless-dns@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AACB51201E4 for <resolverless-dns@ietfa.amsl.com>; Wed, 21 Aug 2019 01:42:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=open-xchange.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AfdavG3jV1ke for <resolverless-dns@ietfa.amsl.com>; Wed, 21 Aug 2019 01:42:38 -0700 (PDT)
Received: from mx4.open-xchange.com (alcatraz.open-xchange.com [87.191.39.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D794F120122 for <resolverless-dns@ietf.org>; Wed, 21 Aug 2019 01:42:37 -0700 (PDT)
Received: from open-xchange.com (imap.open-xchange.com [10.20.30.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx4.open-xchange.com (Postfix) with ESMTPS id EBF7F6A27D; Wed, 21 Aug 2019 10:42:35 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=open-xchange.com; s=201705; t=1566376956; bh=BZtogblYPiTEd/GqG/xxx7a9vQru3vBTg6W+5jJ0Dss=; h=Date:From:Reply-To:To:In-Reply-To:References:Subject:From; b=a+T5lClSsGaS16hOk3ea3sPsJV08ezdCoW9QNXeivcDN05trWuTnoZJrNAUxIDi18 SIfHzsAb4ZZIky4PbECeHvBjnsO/ySM+Zez7FkiRPCyX6F4dO/AQQTikJEo721Cfcl h0tMImjfn2wau6DKrhRj5R9EGRx8mrd164UTfP97mKqS1aL8AuBwrw+Vtgfu0IQkEO rJ/Hbpc1BtLnzkYVlGD88PwD80+jZCUKpWjw7yIAtiU62bbdCTFpLvuSSPTTa1DxFV q56n4GPcrOv2IJDzKyN7aXvTvCTazX0GiYEQwPwiYaviJRR1yvceWVIwoT0uDAgNeE VKDNP92qiyjtA==
Received: from appsuite-gw1.open-xchange.com (appsuite-gw1.open-xchange.com [10.20.28.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by open-xchange.com (Postfix) with ESMTPSA id D343E3C0B05; Wed, 21 Aug 2019 10:42:35 +0200 (CEST)
Date: Wed, 21 Aug 2019 10:42:35 +0200 (CEST)
From: Vittorio Bertola <vittorio.bertola@open-xchange.com>
Reply-To: Vittorio Bertola <vittorio.bertola@open-xchange.com>
To: sy@informatik.uni-hamburg.de, resolverless-dns@ietf.org
Message-ID: <1510635197.4293.1566376955811@appsuite-gw1.open-xchange.com>
In-Reply-To: <13289521-3977-886e-ddfa-d7fc4728912e@informatik.uni-hamburg.de>
References: <CAMOjQcFmqs-s19nd+i-oeuq4+8zdWVihj6=oGnXC+YL50LxAtg@mail.gmail.com> <20190819170749.5AEF588004D@ary.qy> <1120786282.10734.1566296601469@appsuite-gw2.open-xchange.com> <13289521-3977-886e-ddfa-d7fc4728912e@informatik.uni-hamburg.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Medium
X-Mailer: Open-Xchange Mailer v7.10.2-Rev10
X-Originating-Client: open-xchange-appsuite
Autocrypt: addr=vittorio.bertola@open-xchange.com; prefer-encrypt=mutual; keydata= mQENBFhFR+UBCACfoywFKBRfzasiiR9/6dwY36eLePXcdScumDMR8qoXvRS55QYDjp5bs+yMq41qWV9 xp/cqryY9jnvHbeF3TsE5yEazpD1dleRbkpElUBpPwXqkrSP8uXO9KkS9KoX6gdml6M4L+F82WpqYC1 uTzOE6HPmhmQ4cGSgoia2jolxAhRpzoYN99/BwpvoZeTSLP5K6yPlMPYkMev/uZlAkMMhelli9IN6yA yxcC0AeHSnOAcNKUr13yXyMlTyi1cdMJ4sk88zIbefxwg3PAtYjkz3wgvP96cNVwAgSt4+j/ZuVaENP pgVuM512m051j9SlspWDHtzrci5pBKKFsibnTelrABEBAAG0NUJlcnRvbGEsIFZpdHRvcmlvIDx2aXR 0b3Jpby5iZXJ0b2xhQG9wZW4teGNoYW5nZS5jb20+iQFABBMBAgAqBAsJCAcGFQoJCAsCBRYCAwEAAp 4BAhsDBYkSzAMABQMAAAAABYJYRUflAAoJEIU2cHmzj8qNaG0H/ROY+suCP86hoN+9RIV66Ej8b3sb8 UgwFJOJMupZfeb9yTIJwE4VQT5lTt146CcJJ5jvxD6FZn1Htw9y4/45pPAF7xLE066jg3OqRvzeWRZ3 IDUfJJIiM5YGk1xWxDqppSwhnKcMOuI72iioWxX0nGQrWxpnWJsjt08IEEwuYucDkul1PHsrLJbTd58 fiMKLVwag+IE1SPHOwkPF6arZQZIfB5ThtOZV+36Jn8Hok9XfeXWBVyPkiWCQYVX39QsIbr0JNR9kQy 4g2ZFexOcTe8Jo12jPRL7V8OqStdDes3cje9lWFLnX05nrfLuE0l0JKWEg8akN+McFXc+oV68h7nu5A Q0EWEVH5QEIAIDKanNBe1uRfk8AjLirflZO291VNkOAeUu+dIhecGnZeQW6htlDinlYOnXhtsY1mK9W PUu+xshDq7lXn2G0LxldYwyJYZaJtDgIKqVqwxfA34Lj27oqPuXwcvGhdCgt0SW/YcalRdAi0/AzUCu 5GSaj2kaGUSnBYYUP4szGJXjaK2psP5toQSCtx2pfSXQ6MaqPK9Zzy+D5xc6VWQRp/iRImodAcPf8fg JJvRyJ8Jla3lKWyvBBzJDg6MOf6Fts78bJSt23X0uPp93g7GgbYkuRMnFI4RGoTVkxjD/HBEJ0CNg22 hoHJondhmKnZVrHEluFuSnW0wBEIYomcPSPB+cAEQEAAYkBMQQYAQIAGwUCWEVH5QIbDAQLCQgHBhUK CQgLAgUJEswDAAAKCRCFNnB5s4/KjdO8B/wNpvWtOpLdotR/Xh4fu08Fd63nnNfbIGIETWsVi0Sbr8i E5duuGaaWIcMmUvgKe/BM0Fpj9X01Zjm90uoPrlVVuQWrf+vFlbalUYVZr51gl5UyUFHk+iAZCAA0WB rsmACKvuV1P7GuiX3UV9b59T9taYJxN3dNFuftrEuvsqHimFtlekUjUwoCekTJdncFusBhwz2OrKhHr WWrEsXkfh0+pURWYAlKlTxvXuI7gAfHEQM+6OnrWvXYtlhd0M1sBPnCjbyG63Qws7Rek9bEWKtH6dA6 dmT2FQT+g1S9Mdf0WkPTQNX0x24dm8IoHuD3KYwX7Svx43Xa17aZnXqUjtj1
Archived-At: <https://mailarchive.ietf.org/arch/msg/resolverless-dns/hJj2yUhbpnYI1DWQDOYn2lZvr7s>
Subject: Re: [Resolverless-dns] Paper on Resolver-less DNS
X-BeenThere: resolverless-dns@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Resolverless DNS <resolverless-dns.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/resolverless-dns>, <mailto:resolverless-dns-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/resolverless-dns/>
List-Post: <mailto:resolverless-dns@ietf.org>
List-Help: <mailto:resolverless-dns-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/resolverless-dns>, <mailto:resolverless-dns-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Aug 2019 08:42:40 -0000

> Il 20 agosto 2019 21:08 Erik Sy <sy@informatik.uni-hamburg.de>; ha scritto:
>  
> On 8/20/19 12:23, Vittorio Bertola wrote:
> > Also, when filtering is applied for human dignity reasons (e.g. to block racist content, terrorist websites, child porn etc.) you explicitly do not want to publish the list of blocked destinations, as it would be an easy directory for wannabe racists/terrorists/pedophiles...
> >
> The better way to handle illegal content online is the notice and
> takedown approach

Unfortunately, the notice and takedown approach works only if the content is hosted within the country. It just takes a credit card for the criminal to buy hosting somewhere else on the planet, and at that point, if you are lucky the international takedown process takes a long time, and if you are unlucky the criminal will find a country which doesn't care (there's a big one just east of the EU) or even a country in which that specific content is legal.

For example, the biggest chunk of the mandatory DNS filtering list for ISPs in Italy is made of illegal gambling websites - foreign gambling websites that did not pay the compulsory license and taxes to the Italian government and did not accept to be audited to ensure that the games are not rigged and that they do not do money laundering for the mafia (which is the real business for many of them). These websites might just be legal where they are incorporated, which might be as near as Malta; but other countries still need a way to enforce their own policies when these websites approach their citizens, and their only leverage is the ability to make them unreachable from within the country.

-- 
 
Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
vittorio.bertola@open-xchange.com 
Office @ Via Treviso 12, 10144 Torino, Italy