[Ssr2-review] FW: ICANN activity on DoH and other encrypted DNS transports
Jennifer Bryce
jennifer.bryce at icann.org
Thu Nov 7 13:32:33 UTC 2019
FYI
-----Original Message-----
From: Input-to-ssr2rt <input-to-ssr2rt-bounces at icann.org> on behalf of Paul Hoffman <paul.hoffman at icann.org>
Date: Wednesday, November 6, 2019 at 5:39 PM
To: "input-to-ssr2rt at icann.org" <input-to-ssr2rt at icann.org>
Subject: [Input-to-SSR2RT] ICANN activity on DoH and other encrypted DNS transports
Greetings. At Russ' suggestion, I looked at the slides from your public engagement session earlier
in the week, particularly with respect to DoH. Last week, ICANN's Office of the CTO published an
overview of encrypted DNS to help the policy community understand the issues that are being widely
discussed in the technical community.
If you haven't seen "Local and Internet Policy Implications of Encrypted DNS" already, it is at:
https://www.icann.org/en/system/files/files/octo-003-en.pdf
The document outlines (but purposely does not go into detail) the concerns from many parties,
particularly about security. It also covers the adoption of DoH by two major browsers, including an
analysis of their stated plans for deployment to their customers.
One point I would make about the slide given: it appears that the review team is only concerned
about DoH, not DoT. Some proposed uses of DoT causes most of the same ecosystem and security
concerns as DoH does, so you might consider expanding that to "encrypted DNS". The same concern will
come up again in a few years if DoH over Quic or DNS over QUIC is adopted.
Please let me know if I can assist more on this.
--Paul Hoffman
_______________________________________________
Input-to-ssr2rt mailing list
Input-to-ssr2rt at icann.org
https://mm.icann.org/mailman/listinfo/input-to-ssr2rt
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
More information about the Ssr2-review
mailing list