Hi, I am deeply supportive of the IETF's effort to address user privacy in all contexts. Pervasive monitoring is an attack, and I am grateful for the IETF acknowledging it as such.
The core mission of DPRIVE is stated as "confidentiality between DNS Clients and Iterative Resolvers" with possible extension to end-to-end type scenarios. Clarifying as "DPRIVE will address risks to end-users' privacy". I believe that an extended discussion of the area of consideration is worthwhile.

The landscape could be classified into:

A) An end-user running some application that needs DNS, and it (we hope) uses the stub resolver associated with the operating system. I group these as A.

B) A calls some iterative resolver, B, which returns from cache or calls a collection of authoritative resolvers, C.

C) The collection of authoritative resolvers.

These can be all on different systems (normal) or even all collocated ($ dig localhost). One can insert encrypted networks between components, and those networks can handle all or some fraction of a client's traffic.

As there is currently no provision for encrypting DNS traffic, all claims that it is solved, for 'A to B' or anywhere, by VPN or TOR (for example) are all false. What they do is move the traffic to another end-point and provide anonymity in proportion to the volume of the community using the end-point. TOR is far superior to a VPN as its endpoint cannot know the source, by design.

Providing a standard for encrypting 'A to B' would create a very similar situation, where the privacy would really be based on anonymity. Only one person using the resolver? Then all the authoritative queries are generated by their queries. This would still be an improvement as the frequency of their queries would be unknown (i.e. the TTL controls the volume of frequency information leakage per zone).

So, it would seem to me that DPRIVE should also consider the 'B to C' phase. I state this, because TOR already provides what only 'A to B' encryption could: anonymity based on the volume of users.

Sincerely,
--
Hugo Connery, Head of IT, DTU Environment, http://www.env.dtu.dk
GPG: https://keys.env.dtu.dk/hugo-connery/email/valid-to-2015-04-15/Hugo-Connery.public-key.txt
