nanog mailing list archives
Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users
From: Rubens Kuhl <rubensk () gmail com>
Date: Wed, 11 Mar 2020 22:31:50 -0300
On Tue, Mar 10, 2020 at 5:30 PM Owen DeLong <owen () delong com> wrote:
For anyone considering enabling DOH, I seriously recommend reviewing Paul Vixie’s keynote at SCaLE 18x Saturday morning. https://www.youtube.com/watch?v=artLJOwToVY It contains a great deal of food for thought on a variety of forms of giving control over to corporations over things you probably don’t really want corporations controlling in your life.
Depends on your threat model: ISPs, Big Tech companies, State-level actors, random hacker at the same Wi-Fi network. The problem with DoH is that software developer picks the threat model he or she thinks is most relevant, and applies to all use cases. Solution is to ask user what is the user threat model and apply it. DoH/DoT are not harmful per se, their indiscriminate usage is. Rubens
Current thread:
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Owen DeLong (Mar 13)
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Rubens Kuhl (Mar 13)
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Owen DeLong (Mar 13)
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users JASON BOTHE via NANOG (Mar 13)
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Jan Schaumann (Mar 13)
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Owen DeLong (Mar 13)
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Owen DeLong (Mar 13)
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Rubens Kuhl (Mar 13)
- <Possible follow-ups>
- Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users Scott Weeks (Mar 13)