From sdelbianco at netchoice.org Wed Jan 20 18:59:44 2021 From: sdelbianco at netchoice.org (Steve DelBianco) Date: Wed, 20 Jan 2021 18:59:44 +0000 Subject: [bc-gnso] ICANN Business Constituency comment on DoH and TRR Message-ID: Below and attached please find: ICANN Business Constituency response to Mozilla DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR) Comment Period The Internet Corporation for Assigned Names and Numbers (ICANN) Business Constituency (BC) is a chartered community in ICANN?s Generic Names Supporting Organization (GNSO), representing business of every size from all geographic regions. The BC?s mission is to advance policies for the DNS which develop an Internet that: * promotes end-user confidence because it is a safe place to conduct business * is competitive in the supply of registry and registrar and related services * is technically stable, secure and reliable. It is our pleasure to contribute to this public consultation being carried out by Mozilla, and we commend the organization?s efforts to advance conversations on this important subject. The ICANN community has for over two decades focused on developing policies for the DNS through a bottom-up, consensus-based processes, making use of the multistakeholder model to achieve balance between different points of view and arrive at satisfactory compromises. We recognize the value in innovation and developing new technologies such as DNS over HTTPS (DoH), which have the potential to increase the privacy of DNS queries. On the other hand, we also find some of its aspects concerning, particularly in relation to maintaining the legitimacy of the development of consensus-based policies within technical and multistakeholder bodies such as ICANN. It is possible that a lack of awareness of the consensus policies established within these bodies could result in them being overridden. We are in agreement with our colleagues from the ICANN At-Large Advisory Committee (ALAC), who wrote, ?It is clear that DoH could have a direct impact on the DNS and Root Server System that ICANN is supporting?. In Mozilla?s ?Security/DOH-resolver-policy?, under ?Blocking & Modification Prohibitions?, we acknowledge that it is stated that ?The party operating the resolver should not by default block or filter domains unless specifically required by law in the jurisdiction in which the resolver operates.? However, this does not fully contemplate the scope of the decisions related to names and numbers that are painstakingly arrived at by the ICANN community. We also, for example, watch over the addition and removal of entries to the root zone, which should remain the forte of the global Internet community through ICANN?s consensus driven multi-stakeholder process. These cases also need to be considered in order for TRRs to be in alignment with the norms set by ICANN. It is our main intent with this comment to highlight the importance of compliance with the multistakeholder decisions arrived at by the ICANN community, so that we are able to maintain a single, interoperable Internet. We invite any interested representatives from Mozilla and the parties responsible for the Trusted Recursive Resolver (TRR) to engage with the ICANN Business Constituency to exchange ideas. An eventual implementation of DoH as an opt-out feature in all browser installations will clash with the corporate networks of a number of companies around the world, becoming a burden on enterprise users that operate using their own policies. Measures to facilitate the overriding of this setting at a large scale need to be put in place in order to avoid the generation of this problem. It is also of note to a number of our members that these technologies could significantly impact the ability of ISPs to comply with legal and regulatory obligations from their regional governments, be they related to activity logging, intellectual property protection, parental controls, cybersecurity, or any such purpose. This is a subject that needs to be clarified moving forward, to avoid unintended consequences such as the forcible circumvention or attempts at blocking DoH by State actors. Given all of the above, we invite Mozilla to consider the importance of creating mechanisms to ensure that trusted DoH (or similar) providers are not deviating from the consensus of the global community and preserve an obligation to adhere to these policies. Thank you for the opportunity to comment on this issue. Sincerely, The ICANN Business Constituency (BC) Mark Datysgeld, GNSO Councilor Alex Deacon, BC member Mark Svancarek, BC member Steve DelBianco, Vice Chair for BC Policy Coordination 18 January 2021 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ICANN BC response to Mozilla DoH and TRR comment period.pdf Type: application/pdf Size: 59565 bytes Desc: ICANN BC response to Mozilla DoH and TRR comment period.pdf URL: