[GTLD-WG] [CPWG] [registration-issues-wg] Fwd: NARALO Insight: DNS Over HTTPS

Satish Babu via CPWG cpwg at icann.org
Tue Sep 24 11:11:22 UTC 2019


An average end-user may not know if DoH is enabled by default or not in her
browser, and this may cause unexpected behavior leading to user confusion.
Mozilla appears to have enabled DoH by default in some parts of the world
from Sep 2019.

We certainly have a role in explaining DoH to the end-user community so
that users can take informed decisions.

With kind regards,




satish

On Tue, Sep 24, 2019 at 4:34 PM Roberto Gaetano <roberto_gaetano at hotmail.com>
wrote:

> Exactly.
> What Paul Dixie said is that when this is decided by the user is no harm
> but the problem is when this happens by choice of the browser without the
> user knowing it.
> R
>
>
> On 24.09.2019, at 13:49, Lutz Donnerhacke <lutz at donnerhacke.de> wrote:
>
> That’s the intended use case for DoH.
> But DoH by default, is a serious threat to end user privacy as well as the
> global DNS infrastructure (incl. ICANN).
>
> *Von:* registration-issues-wg <
> registration-issues-wg-bounces at atlarge-lists.icann.org> *Im Auftrag von *Olivier
> MJ Crépin-Leblond
> *Gesendet:* Dienstag, 24. September 2019 12:28
> *An:* cpwg at icann.org
> *Betreff:* [SPAM:2.5] Re: [registration-issues-wg] [CPWG] Fwd: NARALO
> Insight: DNS Over HTTPS
>
>
> Dear Roberto,
>
> thanks for your update on this.
> Worth noting, this week-end, a non-technical colleague of mine told me of
> his liking of DoH on his browser as he and his colleagues in his company
> are able to go around the DNS blocking that the company practices as a
> policy, thus letting him check his emails from work. So as far as he's
> concerned, he likes DNS over HTTPS!
> Best,
>
> Olivier
> On 24/09/2019 11:13, Roberto Gaetano wrote:
>
> Hi all.
> I am now in Kiev, attending the RIPE NCC meeting.
> In the first half day DNS over HTTPS has been “the” topic. First, there
> has been a presentation by Taras Heichenko - see
> https://www.ripe.net/participate/forms/uploads/fobi_plugins/file/ripe-ncc-days-kyiv/Heichenko-Kyiv_c9c20432-48ac-4dcd-be4e-f068190c9f97.pdf
>  - that illustrated the technology after a brief general explanation of
> the DNS. Then Paul Vixie - see
> https://www.ripe.net/participate/forms/uploads/fobi_plugins/file/ripe-ncc-days-kyiv/2019-09%20dns%20wars%20ripedayskyiv_799b5067-66a7-48ef-a962-e2cae5aa677f.pdf
>  - presented a vehement attack on DoH getting into details about all the
> damages it can, and will, produce. I have asked him whether pressure from
> the users could have any effect, to which he answered that many users trust
> their browser suppliers more than they trust, e.g., their government, so he
> doubts that this pressure could be created.
> To me, this means that we, as ALAC, have the basic task of informing the
> users about the risks and create awareness in first place. It seems to me
> that besides technical circles - RIPE NCC being one - there is not enough
> information to the laymen users.
> Cheers,
> Roberto
>
>
>
> Begin forwarded message:
>
> *From: *Vittorio Bertola <vb at bertola.eu>
> *Subject: Re: [registration-issues-wg] [CPWG] NARALO Insight: DNS Over
> HTTPS*
> *Date: *24. June 2019 at 18:26:48 EEST
> *To: *Roberto Gaetano <roberto_gaetano at hotmail.com>
> *Cc: *Hadia Abdelsalam Mokhtar EL miniawi <Hadia at tra.gov.eg>, Hadia El
> Miniawi <hadiaminiawi at yahoo.com>, "Eduardo Diaz <eduardodiazrivera at gmail.
> com> <eduardodiazrivera at gmail.com>" <eduardodiazrivera at gmail.com>, CPWG <
> cpwg at icann.org>
>
> Il 2019-06-24 17:12 Roberto Gaetano ha scritto:
>
> Video recording and transcription are not yet available.
> However, I am sure that Vittorio can send, in the meantime, the slides
> of his presentation.
> He is in copy of this message - but he is also here in Marrakesh, so
> any of us who sees him can ask.
>
>
> Hi all,
>
> the information on last week's panel, including the link to download the
> presentation that I gave, can be found here:
>
>
> https://eurodigwiki.org/wiki/DNS_over_HTTPS_%E2%80%93_What_is_it,_and_why_should_you_care%3F_%E2%80%93_WS_06_2019
>
> Video is not yet available, but you can watch the version I gave at
> FOSDEM, though the EuroDIG one was updated and especially integrated with
> an easier explanation of encrypted DNS for non-technical people:
>
> https://www.youtube.com/watch?v=AMk12379DQ4
>
> Regards,
> --
> vb.                   Vittorio Bertola - vb [a] bertola.eu   <--------
> -------->        now blogging & more at http://bertola.eu/   <--------
>
>
>
>
> _______________________________________________
>
> CPWG mailing list
>
> CPWG at icann.org
>
> https://mm.icann.org/mailman/listinfo/cpwg
>
>
>
> _______________________________________________
>
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
>
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so
> on._______________________________________________
> registration-issues-wg mailing list
> registration-issues-wg at atlarge-lists.icann.org
> https://mm.icann.org/mailman/listinfo/registration-issues-wg
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
>
>
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/gtld-wg/attachments/20190924/1f9acffc/attachment-0001.html>
-------------- next part --------------
_______________________________________________
CPWG mailing list
CPWG at icann.org
https://mm.icann.org/mailman/listinfo/cpwg

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.


More information about the GTLD-WG mailing list