On 10/10/2020 2:28 AM, Christian Huitema wrote: On 10/9/2020 3:32 PM, Tommy Pauly wrote: Hi Andrew,
At least the cookie aspect of this isn’t just a “best practice” of one implementer, but something indeed built into the protocol spec (https://tools.ietf.org/html/rfc8484): Determining whether or not a DoH implementation requires HTTP cookie [RFC6265<https://tools.ietf.org/html/rfc6265>] support is particularly important because HTTP cookies are the primary state tracking mechanism in HTTP. HTTP cookies SHOULD NOT be accepted by DOH clients unless they are explicitly required by a use case. I think it is incorrect to characterize that DoH has a flawed design by basing itself on a protocol that allows cookies, or allows multiplexing. These are certainly tools provided by HTTP, but it is up to use them or not as appropriate. “Bad” implementations can put information in just about any protocol that could be used for tracking users. I am not sure about that. These days, if a protocol design allow it to be used for surveillance, you can be pretty sure that it will be. That’s my concern too. If the capability exists then it will be used, the opportunity for monetisation (and other negative outcomes) is too great. Maybe DoH should add a requirement for servers to reject requests on multiplexed connections, or reject requests that come with cookies attached. That would provide a strong incentive for clients to do the right thing. My European DNS Resolver Policy for resolver operators includes the following: “[operators of DNS resolver services] SHOULD NOT use or require HTTP cookies when communicating with DNS clients that use HTTP-based DNS transports for resolution”. Andrew
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
