[CPWG] [registration-issues-wg] Fwd: NARALO Insight: DNS Over HTTPS

Roberto Gaetano roberto_gaetano at hotmail.com
Tue Sep 24 11:03:47 UTC 2019 

Exactly.
What Paul Dixie said is that when this is decided by the user is no harm but the problem is when this happens by choice of the browser without the user knowing it.
R


On 24.09.2019, at 13:49, Lutz Donnerhacke <lutz at donnerhacke.de<mailto:lutz at donnerhacke.de>> wrote:

That’s the intended use case for DoH.
But DoH by default, is a serious threat to end user privacy as well as the global DNS infrastructure (incl. ICANN).

Von: registration-issues-wg <registration-issues-wg-bounces at atlarge-lists.icann.org<mailto:registration-issues-wg-bounces at atlarge-lists.icann.org>> Im Auftrag von Olivier MJ Crépin-Leblond
Gesendet: Dienstag, 24. September 2019 12:28
An: cpwg at icann.org<mailto:cpwg at icann.org>
Betreff: [SPAM:2.5] Re: [registration-issues-wg] [CPWG] Fwd: NARALO Insight: DNS Over HTTPS

Dear Roberto,

thanks for your update on this.
Worth noting, this week-end, a non-technical colleague of mine told me of his liking of DoH on his browser as he and his colleagues in his company are able to go around the DNS blocking that the company practices as a policy, thus letting him check his emails from work. So as far as he's concerned, he likes DNS over HTTPS!
Best,

Olivier
On 24/09/2019 11:13, Roberto Gaetano wrote:
Hi all.
I am now in Kiev, attending the RIPE NCC meeting.
In the first half day DNS over HTTPS has been “the” topic. First, there has been a presentation by Taras Heichenko - see https://www.ripe.net/participate/forms/uploads/fobi_plugins/file/ripe-ncc-days-kyiv/Heichenko-Kyiv_c9c20432-48ac-4dcd-be4e-f068190c9f97.pdf - that illustrated the technology after a brief general explanation of the DNS. Then Paul Vixie - see https://www.ripe.net/participate/forms/uploads/fobi_plugins/file/ripe-ncc-days-kyiv/2019-09%20dns%20wars%20ripedayskyiv_799b5067-66a7-48ef-a962-e2cae5aa677f.pdf - presented a vehement attack on DoH getting into details about all the damages it can, and will, produce. I have asked him whether pressure from the users could have any effect, to which he answered that many users trust their browser suppliers more than they trust, e.g., their government, so he doubts that this pressure could be created.
To me, this means that we, as ALAC, have the basic task of informing the users about the risks and create awareness in first place. It seems to me that besides technical circles - RIPE NCC being one - there is not enough information to the laymen users.
Cheers,
Roberto



Begin forwarded message:

From: Vittorio Bertola <vb at bertola.eu<mailto:vb at bertola.eu>>
Subject: Re: [registration-issues-wg] [CPWG] NARALO Insight: DNS Over HTTPS
Date: 24. June 2019 at 18:26:48 EEST
To: Roberto Gaetano <roberto_gaetano at hotmail.com<mailto:roberto_gaetano at hotmail.com>>
Cc: Hadia Abdelsalam Mokhtar EL miniawi <Hadia at tra.gov.eg<mailto:Hadia at tra.gov.eg>>, Hadia El Miniawi <hadiaminiawi at yahoo.com<mailto:hadiaminiawi at yahoo.com>>, "Eduardo Diaz <eduardodiazrivera at gmail. com><mailto:eduardodiazrivera at gmail.com>" <eduardodiazrivera at gmail.com<mailto:eduardodiazrivera at gmail.com>>, CPWG <cpwg at icann.org<mailto:cpwg at icann.org>>

Il 2019-06-24 17:12 Roberto Gaetano ha scritto:

Video recording and transcription are not yet available.
However, I am sure that Vittorio can send, in the meantime, the slides
of his presentation.
He is in copy of this message - but he is also here in Marrakesh, so
any of us who sees him can ask.

Hi all,

the information on last week's panel, including the link to download the presentation that I gave, can be found here:

https://eurodigwiki.org/wiki/DNS_over_HTTPS_%E2%80%93_What_is_it,_and_why_should_you_care%3F_%E2%80%93_WS_06_2019

Video is not yet available, but you can watch the version I gave at FOSDEM, though the EuroDIG one was updated and especially integrated with an easier explanation of encrypted DNS for non-technical people:

https://www.youtube.com/watch?v=AMk12379DQ4

Regards,
--
vb.                   Vittorio Bertola - vb [a] bertola.eu<http://bertola.eu/>   <--------
-------->        now blogging & more at http://bertola.eu/   <--------




_______________________________________________

CPWG mailing list

CPWG at icann.org<mailto:CPWG at icann.org>

https://mm.icann.org/mailman/listinfo/cpwg



_______________________________________________

By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.


_______________________________________________
CPWG mailing list
CPWG at icann.org<mailto:CPWG at icann.org>
https://mm.icann.org/mailman/listinfo/cpwg

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on._______________________________________________
registration-issues-wg mailing list
registration-issues-wg at atlarge-lists.icann.org<mailto:registration-issues-wg at atlarge-lists.icann.org>
https://mm.icann.org/mailman/listinfo/registration-issues-wg

_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20190924/bba06765/attachment-0001.html>

More information about the CPWG mailing list