On Thu, Apr 9, 2020 at 4:00 AM Sara Dickinson <[email protected]> wrote:
> > > On 7 Apr 2020, at 17:22, Eric Orth <[email protected]> wrote: > > "consistent application-level controls across the device" > > Right there is where followers of the misunderstanding will read this text > incorrectly. Browsers and other non-malicious applications allowing > control does not guarantee consistent application control. > > On Tue, Apr 7, 2020 at 12:13 PM Sara Dickinson <[email protected]> wrote: > >> >> >> On 7 Apr 2020, at 16:47, Eric Rescorla <[email protected]> wrote: >> >> >> >> On Tue, Apr 7, 2020 at 8:40 AM Vittorio Bertola < >> [email protected]> wrote: >> >>> >>> Il 07/04/2020 17:23 Eric Rescorla <[email protected]> ha scritto: >>> >>> >>> >>> On Tue, Apr 7, 2020 at 7:38 AM Sara Dickinson < [email protected]> >>> wrote: >>> >>> The goal of this text is to enumerate for the end user the privacy >>> considerations of using such an application so I propose this text: >>> >>> "For users to have the ability to manage the application-specific DNS >>> settings in a similar fashion to the OS DNS settings, each application also >>> needs to expose the default settings to the user, provide a configuration >>> interface to change them, and support configuration of user specified >>> resolvers. >>> >>> If all of the applications used on a given device also provide a setting >>> to use the system resolver, then the device can be reverted to a single >>> point of control for all DNS queries. If not, then (depending on the >>> application and transport used for DNS queries) users should take note that >>> they may not be able to inspect all their DNS queries or manage them to set >>> device wide controls e.g. domain based query re-direction or filtering. “ >>> >>> >>> I don't think this addresses my concern, because "revert" implies that >>> this is somehow the default situation, which, as I said, is not clearly the >>> case because applications have been doing their own resolution for some >>> time. >>> >>> In the interest of moving forward, i suggest you change the term >>> "reverted" to "configured" and add at the end "Note that this does not >>> guarantee controlling malware name resolution as it can simply ignore >>> whatever the system resolver and any user configuration settings.." >>> >>> I don't understand where in the proposed text there was a reference to >>> malware that prompted further discussion of the effectiveness of using DNS >>> to counter it. In any case, if we think that we need to discuss this topic >>> at that point in the draft, one should also note that there also are ways >>> to prevent malware from reaching a different resolver, though they are less >>> likely to work once connections are encrypted, etc. But I think that this >>> would make reaching consensus even harder, so perhaps we could avoid doing >>> so and just focus on suggestions related to application configuration. >>> >> >> Well, I would be happy to strike this text entirely. However, the text >> speaks of "control" and if we're going to say that, we should acknowledge >> that the system DNS is not going to let you control malicious applications >> because malware can just do its own resolution. As it is, I think the text >> gives a false impression >> >> >> How about making the last sentence a little more specific instead: >> >> If not, then (depending on the application and transport used for DNS >> queries) users should take note that they may not be able to inspect the >> DNS queries generated by such applications, or manage them to set >> consistent application-level controls across the device for e.g. domain >> based query re-direction or filtering. “ >> > > If the feeling is that it is really needed then I would suggest text that > is consistent with that used in section 3.5.2.1, for example: > > “ In addition, if a client device is compromised by a malicious > application, the attacker can > use application-specific DNS resolvers, transport and settings of its > own choosing.” > Sort of. This seems like it still buries the lede. "Note that if a client device is compromised by a malicious application, the attacker can use application-specific DNS resolvers, transport and settings of its own choosing and thus will not be affected by these controls." > Sara. > > > >> Sara. >> >> >> -Ekr >> >> -- >>> >>> Vittorio Bertola | Head of Policy & Innovation, Open-Xchange >>> [email protected] >>> Office @ Via Treviso 12, 10144 Torino, Italy >>> >>> >> _______________________________________________ >> dns-privacy mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/dns-privacy >> > >
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
