Re: [Last-Call] [dns-privacy] Review of draft-ietf-dprive-rfc7626-bis-03

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Dec 18, 2019 at 7:07 AM Sara Dickinson <sara@xxxxxxxxxxx> wrote:

Suggest the following text with the goal of getting consensus that the opinion exists and is held by many network operators, not that the opinion itself has consensus:

OLD:
“ In some cases, networks might block access to remote resolvers for security reasons, for example to cripple malware and bots or to prevent data exfiltration methods that use encrypted DNS communications as transport.  In these cases, if the network fully respects user privacy in other ways (i.e.  encrypted DNS and good data handling policies) the block can serve to further protect user privacy by ensuring such security precautions."

NEW:
“ Many network operators argue that they block access to remote resolvers for security reasons, for example to cripple malware and bots or to prevent data exfiltration methods that use encrypted DNS communications as transport.  Further discussion of Internet service blocking and filtering can be found in [RFC7754]."

Well, this is a new form of "many people are saying..." to me. I sent a few messages about specific sections of this document, which are yet to be addressed, but I also think the entire document is misguided and shouldn't be published.

It seems to contain a lot of "both sides" rhetoric that is ungrounded in technical matters, and not appropriate for the IETF to publish.

For example, a reasonable person might look at ways of preventing and/or uninstalling malware rather than relying on DNS to block it.

thanks,
Rob 

 
-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux