> Il 16 novembre 2019 08:38 Jari Arkko <[email protected]> ha scritto:
>
>
> I wanted to point people to a draft that Martin, Ted, and me recently
> submitted
> on the use of multiple resolvers. This is early work; comments and additional
> analysis appreciated.
>
> https://tools.ietf.org/html/draft-arkko-abcd-distributed-resolver-selection-00
>
> This memo discusses the use of a set of different DNS resolvers to
> reduce privacy problems related to resolvers learning the Internet
> usage patterns of their clients.
Well, as you recognize in the draft itself, this is just "a narrow aspect
within a bigger set of topics", so I would find it more useful to start from
the broader discussion, the one you hint at in the final part of the draft: is
there a reason to change the current model that has been generally adopted
until now, i.e. the user picks (or is supplied) a resolver and all the queries
go through it? What are the advantages and disadvantages of spreading the
queries instead of using a single resolver?
Even in terms of privacy, I would not be so sure that spreading the queries to
multiple parties could ever provide more privacy than sending them only to a
single trusted party, even if we could actually come up with a distribution
strategy that solved the problem of letting all resolvers see most of your
traffic over time. The original point of contention in this discussion was the
browser sending the queries to a different resolver than the one they were
meant for - not the fact that a single resolver was being used. Also, the
entire legal data protection architecture in Europe relies on the fact that the
user knows and authorizes each single party that gets a share of their data,
which is philosophically the exact opposite of a model in which data start to
be sent here and there in ways that the user is unable to control.
Moreover, you cannot discuss these alternatives only in regard to privacy, as
the choice will affect many other dimensions. By choosing a specific resolver,
users can get better performance or additional services - how could this work
if their queries started to be distributed? ISPs use their resolvers as a
network security platform and as a way to make their Internet access service
faster than competitors; it is unclear why they should spend considerable money
to provide big scale resolvers if these resolvers will not be part of their
service any more, and will rather be used at random by random users every now
and then (so you would, again, reduce the number of mainstream resolver
providers to the few usual suspects that can afford the cost no matter what).
Then there's all the lawful interception and content blocking part, which
people here tend to dismiss, but governments won't. So I am afraid that if you
only discuss a single part of the problem, you will end up worsening the ot
hers and not solving much.
--
Vittorio Bertola | Head of Policy & Innovation, Open-Xchange
[email protected]
Office @ Via Treviso 12, 10144 Torino, Italy
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
