> Il 13/05/2020 05:12 Ben Schwartz <[email protected]> ha > scritto: > > > > > On Tue, May 12, 2020 at 8:15 AM Vittorio Bertola <vittorio.bertola= > [email protected] mailto:[email protected] > > wrote: > > > > We also know that centralization of the DNS is > potentially a privacy threat, as it makes it easier to track and correlate > multiple activities by the same individual. This does not seem contentious - > it was actually the first example in last year's IAB "DEDR" workshop charter. > > > > > > That seems quite contentious to me. Decentralization of the DNS is > _also_ a privacy threat: running your own recursive leaks your IP to every > authoritative (far worse than ECS!), pinning yourself to a unique recursive > makes you uniquely identifiable as you move across the network, and using a > recursive whose identity is unknown is obviously a privacy concern. > I agree with that, but the two statements are not incompatible with each other. Also, I will note that you are comparing oranges with apples: "centralization of the DNS", as used above, is not about replacing your own recursive with a third party one, but about replacing in the overall DNS resolution system many independent third party resolvers with a single third party resolver that serves many more users. So "decentralization of the DNS" would mean promoting the existence of a higher number of independent resolvers and letting users pick easily and safely the one(s) they want to use, and in that sense it would clearly reduce mass surveillance opportunities, at least until you get to a situation in which each resolver has so few users that it can be used to identify them (which is not a common situation for the average Internet user).
-- Vittorio Bertola | Head of Policy & Innovation, Open-Xchange [email protected] mailto:[email protected] Office @ Via Treviso 12, 10144 Torino, Italy
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
