nanog mailing list archives
Re: This DNS over HTTP thing
From: Damian Menscher via NANOG <nanog () nanog org>
Date: Tue, 1 Oct 2019 12:38:10 -0700
On Tue, Oct 1, 2019 at 12:24 PM Jay R. Ashworth <jra () baylink com> wrote:
----- Original Message -----From: "Stephane Bortzmeyer" <bortzmeyer () nic fr> To: "Jeroen Massar" <jeroen () massar ch>While the 'connection to the recursor' is 'encrypted', the recursor is still in clear text... one just moves who can see what you are doing with this.As with any cryptographic protocol. Same thing with VPNs, SSH and whatever: the remote end can see what you do. What's your point?I'm still assimilating this, but based on what I've read this half hour, his point is that "*it's none of Alphabet's damn business* where I go that isn't Google".
What's missing from this discussion are some basic facts, like "is Google going to change your DNS settings to 8.8.8.8?" The opening paragraph of https://blog.chromium.org/2019/09/experimenting-with-same-provider-dns.html reads: "This experiment will be done in collaboration with DNS providers who already support DoH, with the goal of improving our mutual users’ security and privacy by upgrading them to the DoH version of their current DNS service. With our approach, the DNS service used will not change, only the protocol will. As a result, existing content controls of your current DNS provider, including any existing protections for children, will remain active." Could someone provide a reference of Google saying they'll change the default nameserver? Without that, I think all of Jeroen's arguments fall apart? Damian
Current thread:
- Re: This DNS over HTTP thing, (continued)
- Re: This DNS over HTTP thing Jeroen Massar (Oct 01)
- Re: This DNS over HTTP thing Stephane Bortzmeyer (Oct 01)
- Re: This DNS over HTTP thing Jeroen Massar (Oct 01)
- Re: This DNS over HTTP thing Jared Mauch (Oct 01)
- Re: This DNS over HTTP thing Stephane Bortzmeyer (Oct 01)
- Re: This DNS over HTTP thing Jared Mauch (Oct 01)
- Re: This DNS over HTTP thing Jeroen Massar (Oct 01)
- Re: This DNS over HTTP thing Ca By (Oct 01)
- Re: This DNS over HTTP thing Matt Harris (Oct 01)
- Re: This DNS over HTTP thing Jay R. Ashworth (Oct 01)
- Re: This DNS over HTTP thing Damian Menscher via NANOG (Oct 01)
- Re: This DNS over HTTP thing K. Scott Helms (Oct 01)
- Re: This DNS over HTTP thing Warren Kumari (Oct 01)
- Re: This DNS over HTTP thing Valdis Klētnieks (Oct 01)
- Re: This DNS over HTTP thing John Levine (Oct 02)
- Re: This DNS over HTTP thing Alain Hebert (Oct 02)
- Re: This DNS over HTTP thing Frank Habicht (Oct 01)
- Re: This DNS over HTTP thing Matt Corallo (Oct 01)
- Re: This DNS over HTTP thing Jay R. Ashworth (Oct 01)
- Re: This DNS over HTTP thing Jeroen Massar (Oct 01)
- Re: This DNS over HTTP thing Damian Menscher via NANOG (Oct 01)