Tony Finch <d...@dotat.at> wrote:
> Amelia Andersdotter <ame...@article19.org> wrote:
>> 
>> I have difficulties seeing how a user (within the meaning of individual
>> internet consumer) has any practical choice to other than to share PII
>> with a DNS provider?
> 
> Yes, me too.

There’s always the option to run your own recursive, possibly even
on your own machine. In the latter case, it even becomes a
practical option for non-technical users.

In this case, the discussion about privacy between recursive and
authoritative becomes much more important since it becomes easier
to link the information leaked to the authoritative to a specific
user (well, device). But then, how much information do you leak,
really, to a individual authoritative?

I’ve been meaning to do a proper privacy analysis of the possible
option for a user’s DNS setup. Which of these leaks the least
amount of information and, as a result, is there any measures that
can be taken to leak even less? I have a sense that the gut
feeling assessments that people often do (“Just run your own
Unbound on a private server”) may not actually hold up.

Not sure if such an analysis is relevant for this particular
work, but it may still be useful to do as part of this working
group.

> Since the overall topic is recursive -> authoritative, the questions imply
> some mechanism for the user to communicate their privacy policy to the
> recursive server, or perhaps it would be more useful for clients to ask
> the recursive server what its policies or capabilities are. But what
> happens when there is a mismatch?

I’m not sure such capability announcement is useful. It can help with
making a decision when automatically picking a recursive -- but then
you can’t actually put too much trust in it because it easy to claim
whatever and, since automation hides the decision, hardly anyone
will ever check.

Essentially, you will have to make a trust decision for a particular
recursive service. There may be technical means to support this, but
these need to be off path and operated by independent third parties.

Kind regards,
Martin

_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy

Reply via email to