Re: [DNSOP] Concerns around deployment of DNS over HTTPS (DoH)

2019-03-22 Thread Wes Hardaker
Kenji Baheux writes: > * We are considering a first milestone where Chrome would do an automatic > upgrade to DoH when a user’s existing resolver is capable of it. Sorry for the delayed question, but with respect to this bullet: 1) Do you have evidence that DOH is faster than DOT, since

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Wes Hardaker
Eliot Lear writes: > Hi Wes, > > On 22 Mar 2019, at 00:21, Wes Hardaker wrote: > > If DNS privacy is a goal, > > It is a goal. It is not the only goal. There is a tussle here. Let’s > recognize that. Sorry, I knew it was a goal... Just inserted wording to draw attention to it. The

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Richard Bennett
I'd like it if you would kindly define “privacy” in the context of “a DNS resolver that protects our users’ privacy.” Does that mean hiding their lookups from ISPs who might want to enter the market for targeted ads while using them for your company’s own purposes, or just protecting user queries

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Stephen Farrell
Hiya, On 22/03/2019 22:08, Puneet Sood wrote: > As a core principle, Google Public DNS aims to provide a DNS resolver > that respects our users’ privacy. Towards that goal, we aim to provide > high quality implementations of various DNS transport mechanisms that > our users can use to reach the

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Puneet Sood
Hello, There has been much discussion in the IETF lists over the impact of using DNS-over-HTTPS (DoH) in a network. We would like to clarify the Google Public DNS position on this topic. The post I am replying to is particularly relevant since it makes some assumptions about the plans of the

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Paul Vixie
Jared Mauch wrote on 2019-03-22 11:59: So my thoughts on this real quick: one of the reasons many people are using centralized services like 8.8.8.8 (for example) is it's complex to run these servers properly. i think those optics are the motive, as you say. however, it is not complex, as

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Jared Mauch
> On Mar 21, 2019, at 11:29 PM, Brian Dickson > wrote: > > I realize, expressiveness adds complexity. However, it does avoid assumptions > and overloading. > > The main criteria is agreement on client vs server (i.e. standardize this > stuff), and possibly also add the network as another

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Joe Abley
On Mar 22, 2019, at 18:35, Paul Vixie wrote: all statements made to date by the india and united kingdom governments have indicated that their plans to support in-country RDNS will not be mandatory, just as canada's (operated by CIRA) is not mandatory. Others here can speak more authoritatively

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Livingood, Jason
On 3/22/19, 3:53 AM, "Doh on behalf of Vittorio Bertola" wrote: > letting each application pick its own default resolver, creates a fragmented > mess of a network [JL] Troubleshooting also becomes potentially more complicated. I can't ask a user to run dig or nslookup and tell me what it

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Paul Vixie
Bill Woodcock wrote on 2019-03-22 10:13: On Mar 22, 2019, at 12:53 AM, Vittorio Bertola wrote: If DoH deployment continues this way, I do see some governments - even in Europe - trying to go in that direction, either by mandating the use of in-country resolvers… India has already started

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Paul Vixie
Ted Lemon wrote on 2019-03-22 04:14: ... I don’t think there’s any reason to use DoH if you trust the local resolver. i'd go further, but i won't, here. instead i'll say, others go further, and say, centralization is nec'y for privacy because it sends queries through a blender, so that

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Bill Woodcock
> On Mar 22, 2019, at 12:53 AM, Vittorio Bertola > wrote: > If DoH deployment continues this way, I do see some governments - even in > Europe - trying to go in that direction, either by mandating the use of > in-country resolvers… India has already started down that path, and it looks like

Re: [DNSOP] [Doh] (dhc discovery) New I-D: draft-reid-doh-operator

2019-03-22 Thread Normen B. Kowalewski
Hi Jaques, et al. Tom Pusateri can probably say something on his now expired https://www.ietf.org/archive/id/draft-pusateri-dhc-dns-driu-00.txt. The git commentary at https://github.com/pusateri/draft-tpwt-dhc-dns-discovery says: Ted Lemon made a good argument that DHCP should only be used

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Ted Lemon
On Mar 21, 2019, at 6:50 PM, John Levine wrote: > I believe that for DoT, the idea is that the client just probes the > DNS server address on port 853 and uses it if it gets an answer. I > suppose you could try the same thing on port 443 but that seems > riskier. This is a workaround for the

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Eliot Lear
Hi Wes, On 22 Mar 2019, at 00:21, Wes Hardaker wrote: > > If DNS privacy is a goal, It is a goal. It is not the only goal. There is a tussle here. Let’s recognize that. Eliot

Re: [DNSOP] [EXTERNAL] Re: [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Joe Abley
On 22 Mar 2019, at 11:15, Winfield, Alister wrote: > Okay sorry perhaps I should put it differently... > > Don't overplay the privacy provided by DoH it has no effect on the DNS > provider so any hint of 'privacy' should be caveated by stating it's only as > private as the company and country

Re: [DNSOP] [EXTERNAL] Re: [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Winfield, Alister
Okay sorry perhaps I should put it differently... Don't overplay the privacy provided by DoH it has no effect on the DNS provider so any hint of 'privacy' should be caveated by stating it's only as private as the company and country in which that company is founded, and where it operates

Re: [DNSOP] [EXTERNAL] Re: [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Joe Abley
On Mar 22, 2019, at 09:48, Winfield, Alister wrote: > Note, I guarantee certain US organisations are loving the idea that large > percentages of worldwide DNS might go to a small number of American companies. I hate to break it to you, but between a tenth and a fifth of worldwide DNS resolver

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread sthaug
>> I think this is a mischaracterization of the debate, which actually >> started because of a third position that you don't mention: Mozilla's >> public statement that in the future they will force (or, at least, make as >> a default - clarification requests haven't solved the doubt yet) Firefox

Re: [DNSOP] [EXTERNAL] Re: [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Winfield, Alister
I have to say it but almost certainly I'll stop using any software that chooses at any point to silently choose what I mean by the word privacy. (using a large scale American provider for doh example). This is simple you allow choice but that choice MUST be both visible and explicit on what the

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Ray Bellis
On 22/03/2019 08:33, Eric Rescorla wrote: I'm not sure where you have attempted to clarify this point (I think we've been clear on this point at https://hacks.mozilla.org/2018/05/a-cartoon-intro-to-dns-over-https/) Regardless of what the default is, users will be able to disable DoH.

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Eric Rescorla
On Fri, Mar 22, 2019 at 12:53 AM Vittorio Bertola wrote: > > > > Il 22 marzo 2019 alle 4.40 Christian Huitema ha > scritto: > > > > Much of the debate is on the second point. One position is that users > should be forced to trust the DNS resolver provided by the local > infrastructure. Another

Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

2019-03-22 Thread Vittorio Bertola
> Il 22 marzo 2019 alle 4.40 Christian Huitema ha scritto: > > Much of the debate is on the second point. One position is that users should > be forced to trust the DNS resolver provided by the local infrastructure. > Another position is that users have the right to apply their own policy