[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users
- Subject: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users
- From: rubensk at gmail.com (Rubens Kuhl)
- Date: Wed, 11 Mar 2020 22:31:50 -0300
- In-reply-to: <[email protected]>
- References: <[email protected]> <471000904.3915.1568816367898.JavaMail.mhammett@ThunderFuck> <[email protected]> <[email protected]>
On Tue, Mar 10, 2020 at 5:30 PM Owen DeLong <owen at delong.com> wrote:
> For anyone considering enabling DOH, I seriously recommend reviewing Paul
> Vixieâ??s keynote at SCaLE 18x Saturday morning.
>
> https://www.youtube.com/watch?v=artLJOwToVY
>
> It contains a great deal of food for thought on a variety of forms of
> giving control over to corporations over things you probably donâ??t really
> want corporations controlling in your life.
>
>
Depends on your threat model: ISPs, Big Tech companies, State-level actors,
random hacker at the same Wi-Fi network. The problem with DoH is that
software developer picks the threat model he or she thinks is most
relevant, and applies to all use cases.
Solution is to ask user what is the user threat model and apply it. DoH/DoT
are not harmful per se, their indiscriminate usage is.
Rubens
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200311/7be6c558/attachment.html>