Sara Dickinson writes:

 > > On 24 Jul 2016, at 20:24, Paul Hoffman <paul.hoff...@vpnc.org> wrote:
 > >
 > > On 24 Jul 2016, at 11:43, Stephane Bortzmeyer wrote:
 > >
 > >> On Sat, Jul 23, 2016 at 08:51:43AM -0700,
 > >> Paul Hoffman <paul.hoff...@vpnc.org> wrote
 > >> a message of 46 lines which said:
 > >>
 > >>> Proposed replacement: [...] The negative implications of the two
 > >>> types of privacy are so radically different (a possibly-unusable
 > >>> Internet service for Strict Privacy; complete control of DNS
 > >>> responses for Opportunistic Privacy) that neither option can be
 > >>> considered a good default for all users.
 > >>
 > >> The current default is worse than opportunistic privacy, it is no
 > >> privacy at all. So, I would say that opportunistic privacy is a
 > >> reasonable default for a new installation of DNS-over-TLS. (It's also
 > >> the only realistic one since strict privacy would probably require
 > >> some sort of configuration, that cannot be pre-determined.)
 > >
 > > Very good point, and my quote above should not have been focused on
 > > just the two types. New proposed wording to be added to the one above:
 > >
 > > However, a system SHOULD offer at least a default option of
 > > opportunistic privacy instead of no option for privacy at all.
 > 
 > Hi Paul/Stephane,
 > 
 > Thanks for these very good points.
 > 
 > After the discussion in the WG at IETF 95, we added the last paragraph
 > in section 4.1 to explicitly avoid any details of when to use what
 > profile, because there was some consensus that this was too complex to
 > give a simple answer to and the situation could change over time, and
 > that instead this should be addressed in a separate (BCP) document. But
 > clear text no longer being the default for a Privacy-capable client
 > seems correct here. How about this wording, which I hope covers your
 > points:
 > 
 > “Strict Privacy provides the strongest privacy guarantees and
 > therefore SHOULD always be implemented in DNS clients along with
 > Opportunistic Privacy.
 > 
 > A DNS client that implements DNS-over-(D)TLS SHOULD NOT default to the
 > use of clear text (no privacy).
 > 
 > The choice between the two profiles depends on a number of factors
 > including which is more important to the particular client:
 > — DNS service at the cost of no privacy guarantee (Opportunistic) or
 > — guaranteed privacy at the potential cost of no DNS service (Strict).
 > 
 > Additionally, the two profiles require varying levels of
 > configuration (or a trusted relationship with a provider) and DNS
 > server capabilities; therefore DNS clients will need to carefully
 > select which profile to use based on their communication privacy needs.
 > 
 > A DNS server that implements DNS-over-TLS SHOULD provide at least one
 > credential in order that those DNS clients that wish to do so are able
 > to use Strict Privacy (see Section 2).”
 > 
 > Sara.

_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
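The profile logic Sara's proposed wording describes, as an added example that is not code from the dprive draft or from anyone in this thread: a small Python model of a DNS-over-TLS client choosing between Strict and Opportunistic Privacy, with no clear-text profile on offer, and of what each profile does when the resolver's credential verifies, fails to verify, or TLS is unavailable. The network is stubbed with a constructed `ServerEnv` so it runs offline; the SPKI pin format (base64 of the SHA-256 over the DER SubjectPublicKeyInfo) follows RFC 7858. The class and function names, `choose_profile`'s "Strict if you have pins, else Opportunistic" rule, and the sample SPKI bytes are assumptions made for illustration.

```python
# Added example, not code from the dprive draft or this thread.
# Models the Strict and Opportunistic privacy profiles with a constructed,
# offline view of the network. The SPKI pin format (base64 of the SHA-256 of
# the DER SubjectPublicKeyInfo) follows RFC 7858; the names below and the
# sample SPKI bytes are assumptions for illustration.
import base64
import hashlib
from dataclasses import dataclass
from enum import Enum
from typing import Optional, Set


class Profile(Enum):
    STRICT = "strict"
    OPPORTUNISTIC = "opportunistic"
    # Deliberately no CLEARTEXT member: a DNS-over-(D)TLS client should not
    # offer "no privacy" as a profile, let alone as the default.


class Outcome(Enum):
    AUTHENTICATED_TLS = "authenticated TLS"      # privacy guaranteed
    UNAUTHENTICATED_TLS = "unauthenticated TLS"  # encrypted, peer not verified
    CLEARTEXT = "cleartext"                      # no privacy at all
    NO_SERVICE = "no service"                    # hard failure, Strict only


@dataclass
class ServerEnv:
    """Constructed stand-in for what a resolver on the network actually offers."""
    tls_available: bool
    spki_der: Optional[bytes] = None   # credential the server presents, if any


def spki_pin(spki_der: bytes) -> str:
    """RFC 7858 SPKI pin: base64(SHA-256(DER SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


def choose_profile(configured_pins: Set[str]) -> Profile:
    """Pick a profile from local configuration (assumed rule). Strict needs a
    credential the client can verify; with none configured the default is
    Opportunistic, never clear text."""
    return Profile.STRICT if configured_pins else Profile.OPPORTUNISTIC


def resolve_policy(profile: Profile, env: ServerEnv, pins: Set[str]) -> Outcome:
    """Decide what the client does for one resolver under the chosen profile."""
    if not env.tls_available:
        # Strict: guaranteed privacy at the potential cost of no DNS service.
        # Opportunistic: DNS service at the cost of no privacy guarantee.
        return Outcome.NO_SERVICE if profile is Profile.STRICT else Outcome.CLEARTEXT

    authenticated = env.spki_der is not None and spki_pin(env.spki_der) in pins
    if authenticated:
        return Outcome.AUTHENTICATED_TLS
    if profile is Profile.STRICT:
        # Credential missing or mismatched: Strict must not use this server.
        return Outcome.NO_SERVICE
    # Opportunistic accepts encryption without authentication; an active
    # attacker presenting its own certificate goes undetected here.
    return Outcome.UNAUTHENTICATED_TLS


# Constructed sample data: a dummy SPKI blob (not real DER) and its pin.
SAMPLE_SPKI = b"\x30\x59\x30\x13\x06\x07dummy-spki-for-example"
PINSET = {spki_pin(SAMPLE_SPKI)}


def demo():
    """Run both profiles against three network situations; returns the table."""
    situations = {
        "pinned resolver reachable over TLS": ServerEnv(True, SAMPLE_SPKI),
        "TLS up but certificate not pinned": ServerEnv(True, b"someone else's key"),
        "port 853 blocked, only port 53 works": ServerEnv(False),
    }
    return {
        (profile.value, name): resolve_policy(profile, env, PINSET).value
        for profile in Profile
        for name, env in situations.items()
    }


if __name__ == "__main__":
    for (profile, situation), outcome in demo().items():
        print(f"{profile:<14} {situation:<40} -> {outcome}")
```

The table `demo()` returns is the trade-off in the proposed text made concrete: the only situation in which Strict answers a query is the one where the server's credential verifies, while Opportunistic always answers but only guarantees privacy in that same situation. A client that ships with no pins or authentication domain names configured still lands on Opportunistic rather than clear text, which is the "SHOULD NOT default to the use of clear text" requirement.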
