re Privacy issues in proposed DNS protocol extension

[Dave Farber <dave () farber net>]

Begin forwarded message:

> From: Dan Lynch <dan () lynch com>
> Date: January 29, 2010 4:28:52 PM EST
> To: Dave Farber <dave () farber net>
> Subject: Re: [IP] Privacy issues in proposed DNS protocol extension

> Privacy?  Get over it!  Scott McNealy said that decades ago.  Still  
> true.
>
> Marketers have your ZIP code already.  That spells out more that  
> your DNS server ever will.
>
> Dan
>
>
>
> On 1/29/10 1:15 PM, "Dave Farber" <dfarber () me com> wrote:
>
>
> >From: "Joe Baptista" <baptista () publicroot org>
> >To: "Lauren Weinstein" <lauren () vortex com>
> >Cc: <nnsquad () nnsquad org>
> >Date: January 29, 2010 03:49:44 PM EST
> >Subject: [ NNSquad ] Re: Privacy issues in proposed DNS protocol  
> extension
> >
> >
> I'm taking this opportunity and invitation from Lauren to address  
> the privacy issues in the Google DNSEXT proposal.
>
> This protocol will be welcomed by big business. It's perfect for  
> targeted marketing campaigns. Based on your IP address an  
> authoritative name server can direct your query to specific resources.
>
> The new protocol will allow geo-targeted responses based on the  
> users network address location. The rationalization seems to be that  
> a user will be better served by a nearby server therefore improving  
> speed, latency, and network utilization.
>
> I'm sure the protocol will be used for this purpose in some cases  
> but not in all. I predict the use of the protocol by big business  
> will have less to do with improving the user experience and more to  
> do with target marketing efforts. After all if they know where you  
> live they can better target their products and services to you.
>
> Those concerned about privacy have good reason to red flag this  
> protocol. The user will have less privacy in the DNS then they do  
> now. Thats a given. Even with the recommended anonymization  
> procedure privacy issues are a concern.
>
> But let's not forget that every time you visit a web site your IP  
> address is known. Is it a big deal that now the DNS servers know  
> your network address? If the protocol becomes a reality I have no  
> doubt that with the state of the DNS and security issues these days  
> that abuses will happen.
>
> There will be provacy issues when it comes to anonymous proxy  
> services. Anonymous proxies are used to hide users IP addresses from  
> websites. It seems to me the new Google DNSEXT protocol may defeat  
> the purpose behind anonymous proxy services.
>
> regards
> joe baptista
>
> On Wed, Jan 27, 2010 at 10:22 PM, Lauren Weinstein  
> <lauren () vortex com> wrote:
>
> Several people have already asked me about the privacy implications
> associated with http://bit.ly/cAS0rO (Google Code Blog).
>
> For now, I recommend reading the full Draft:
>
> http://bit.ly/bf7wa7  (IETF)
>
> for details, but the executive summary is that the default
> recommendation is anonymization of the low order octet of IP
> addresses, and includes a mechanism for full address opt-out
> from the extension (see section 8.1).
>
> I welcome discussion here in NNSquad of the perceived implications of
> this proposal, both positive and/or negative.
>
> --Lauren--
> NNSquad Moderator
>
>
>
>    Archives <https://www.listbox.com/member/archive/247/=now> <https://www.listbox.com/member/archive/rss/247/ 
> > <http://www.listbox.com>
>
>
>
>
> Tel. 707-967-0203   Cell  650-776-7313
> My assistant is Dori Kirk   Tel. 707-255-7094  dori () lynch com



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com