Educause Security Discussion mailing list archives
Re: DNS over HTTPS changes
From: John McCabe <john.mccabe01 () MANHATTAN EDU>
Date: Wed, 25 Sep 2019 11:39:30 -0400
We are not planning on preventing DoH for devices we manage. My feeling is the opportunity of network-based visibility is shrinking. While DoH has its own privacy drawbacks, it is what the browsers seem to be backing in response to insecure DNS. We will be focusing on host-based visibility tools to work around/with this trend. On Wed, Sep 25, 2019 at 8:32 AM Barros, Jacob <jkbarros () grace edu> wrote:
An email went out on the NETMAN list earlier this month about DNS over HTTPS with very little response and I was surprised at the lack of discussion. Would you indulge my curiosity and help create a baseline for meetings I have scheduled later this month? Specifically, for institutionally managed devices are you disabling DNS over HTTPS in your browsers? For non-managed devices, is there intent to block DNS over HTTPs or TLS and if so what would your reasons be for doing so? Has anyone published information for students on how this might impact them? I know Cisco has published workarounds if there is an issue with Umbrella/OpenDns. Are there other services that you're concerned about? Jake <https://www.grace.edu/> Jacob Barros Associate Director of IT, Network and Operations | OIT E: barrosjk () grace edu | W: 574.372.5100 ext. 6178 <https://www.grace.edu/> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
-- *John McCabe * *Senior Information Security Manager & Data Protection OfficerInformation Technology Services* [image: Manhattan College Logo/Shield] Riverdale, NY 10471 Phone: 718-862-6217 john.mccabe01 () manhattan edu www.manhattan.edu ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- DNS over HTTPS changes Barros, Jacob (Sep 25)
- Re: DNS over HTTPS changes Pete, Andrew (Sep 25)
- Re: DNS over HTTPS changes Kevin Wilcox (Sep 25)
- Re: DNS over HTTPS changes LaPorte, David (Sep 25)
- Re: DNS over HTTPS changes Barros, Jacob (Sep 25)
- Re: DNS over HTTPS changes LaPorte, David (Sep 25)
- Re: DNS over HTTPS changes John McCabe (Sep 25)