[ALAC] The consolidated approach proposed by Keith Drazek

Mon May 6 16:04:40 UTC 2019

Thanks very much, Olivier and Andrei, for the technical details.

A follow-up comment: Many regulators and Governments are not likely to be
happy with DoH/DoT, as these will undermine DNS-based site blocking that
many Governments currently use. I wonder how they will respond, and if this
is likely to impede scaling of these technologies (or if they can legally
block these).

satish

On Mon, May 6, 2019 at 9:17 PM Olivier MJ Crépin-Leblond <ocl at gih.com>
wrote:

> Dear Satish,
>
> DoH is attractive to some organisations because it is the missing piece of
> the puzzle that algorithms could use to learn more about you. Yes, it is a
> niche technology, but today the "owners" of the metadata of all of the
> addresses that you go to, derived from DNS queries, is actually
> distributed. The Root operators know what TLDs you use most. An ISP that
> runs the local resolver knows what addresses you access. In fact, anyone
> can scan and eavesdrop on your DNS queries to derive meta-information about
> your browsing habits. DoH closes the door to this third party
> meta-information gathering, to bring it to a closed group of players that
> already have cookies, IP addresses, your log-in account, email, and any
> other services which you use on the cloud with the meta-data of all of your
> DNS enquiries. It is one more piece of the puzzle towards tracking you.
> In the future it would also be possible to, by the flick of a switch,
> switch off the DNS queries and keep solely to the DoH queries based on a
> snapshot of the Internet's addresses.
> The difference between this and other systems is that alternative roots
> required an intervention from the user to switch to an alternative root,
> which was a less stable system than the DNS's 13 roots. Plus, alternative
> DNSes did not have that essential element of providing so much data for a
> single entity thus there was no commercial drive to go that way. DoH has
> all the elements for a perfect storm, from industry consolidation to
> generation of more meta-data in-house, value creation through better
> tracking and big players already really interested in implementing it.
> That's the threat and that's why it is important.
> Kindest regards,
>
> Olivier
>
> On 06/05/2019 15:54, Satish Babu wrote:
>
> I'd be curious to know what makes DoH more attractive in comparison with
> the existing DNS service in order for it to completely displace DNS.
>
> The key question is if DoH will remain a niche technology (similar to
> first- and second-generation DNS substitutes ranging from TOR, FreeNet, and
> I2P to the very new Ethereum Name Service, all of which are likely to
> remain niche), or if it's likely to scale up as a direct (and effective)
> substitute to the generic DNS, noting that it does avoid several security
> pitfalls (including eavesdropping/tracking, man-in-the-middle etc).
>
> Also, from an Internet Consolidation perspective, DoH appears to make
> things even more centralized...not necessarily a good thing for end-users.
>
>
>
>
>
>
> satish
>
>
>
>
> On Mon, May 6, 2019 at 6:51 PM Seun Ojedeji <seun.ojedeji at gmail.com>
> wrote:
>
>> Hello Olivier,
>>
>> I hear you and am looking forward to more details on how that relegation
>> of ICANN could happen in practice.....am sure not against having DoH on HIT
>> but I hope we will first ensure to give end-users the technological details
>> of DoH(in a layman way) before we move on to its political implications as
>> I certainly don't think DoH threatens ICANN's root management role as you
>> seem to suggest; perhaps for now one can say it could move the direction of
>> a few USDs ;-)
>>
>> Regards
>>
>> On Mon, May 6, 2019 at 1:18 PM Olivier MJ Crépin-Leblond <ocl at gih.com>
>> wrote:
>>
>>> Yup -- in DoH think about a naming system solely run and controlled by
>>> the cloud providers that have signed up for DoH. That can easily replace
>>> the DNS altogether and relegate ICANN to a glitch in history.
>>> Kindest regards,
>>>
>>> Olivier
>>>
>>> On 06/05/2019 13:39, Sebastien Bachollet wrote:
>>>
>>> DoH is not at all today a technical question (even if we need to
>>> understand the technology).
>>> It is a huge political issues particularly to all Internet users.
>>> SeB
>>>
>>> Envoyé de mon iPhone
>>>
>>> Le 6 mai 2019 à 13:13, Seun Ojedeji <seun.ojedeji at gmail.com> a écrit :
>>>
>>> Hello Maureen,
>>>
>>> I assume the text in blue are your recommendations? if yes then am fine
>>> with the suggestion, if there is an intention to further reduce the list,
>>> my preference of item that I think should be retained are 4, 1, 5 in that
>>> order before others can then follow. The DoH may be better suited for the
>>> techday.
>>>
>>> Regards
>>>
>>> On Sun, May 5, 2019 at 4:34 AM Maureen Hilyard <
>>> maureen.hilyard at gmail.com> wrote:
>>>
>>>> Hi all
>>>>
>>>> I finally found what I was looking for. This was Keith's consolidated
>>>> approach proposed on April 30 for your consideration (to mnimise the number
>>>> of HIT sessions in Marrakech)
>>>>
>>>> 1  Impact of GDPR and EPDP Phase 1 Recommendations on Existing
>>>> Policies and Procedures.
>>>>
>>>> Combine 1.1, 1.2 and 1.3 into one session
>>>>
>>>> 1.1 Combatting Abuse with GDPR
>>>>
>>>> 1.2 Privacy-Proxy Implementation
>>>>
>>>> 1.3 Across Field Validation
>>>>
>>>>
>>>> 2 EPDP Phase 2 / Uniform Access Model
>>>>
>>>> REMOVE these two proposed sessions because EPDP Phase 2 work will only
>>>> have been under way for 6 weeks by the time we arrive in Marrakech. It may
>>>> be premature to schedule a HIT/CC session - possibly defer this to ICANN66
>>>> in Montreal
>>>>
>>>> 3 Sessions that are merely updates can be provided as a pre-meeting
>>>> webinar.
>>>>
>>>> 3.1 ATRT3
>>>>
>>>> 3.2 SSR-2
>>>>
>>>> 3.3 NomCom Review
>>>>
>>>>
>>>> 4 Future of Multistakeholder Model Governance
>>>>
>>>> Is necessary to complete the project kicked off in Kobe by the year's
>>>> end. Clearly a topic of interest to the entire community. This session
>>>> should be included.
>>>>
>>>>
>>>> 5 Enhance Effectiveness of Specific Review Recommedations and their
>>>> Implementation
>>>>
>>>> This session is timely, particularly with developments around the
>>>> Board's actions on the CCT-RT recommendations . This session should be
>>>> included
>>>>
>>>>
>>>> 6 Universal Acceptance
>>>>
>>>> There was a good bit of discussion in Kobe and it is an issue that
>>>> appears to be generating increased interest. With the meeting being held in
>>>> Marrakech, it is a good opportunity to continue discussions on the UA
>>>> and IDM-related issues.
>>>>
>>>>
>>>> 7 DNS over HTTPS (DoH)
>>>>
>>>> Not seen as having broad community interest at this time. Could
>>>> possibly be a regular session but would REMOVE.
>>>>
>>>>
>>>> 8 GNSO proposing these topics for one CC session
>>>>
>>>> 8.1 Rules for Uniform Domain Name Dispute Resolution Policy
>>>>
>>>> 8.2 Uniform Rapid Suspension system (URS) rules
>>>>
>>>> 8.3 WHOIS Data Reminder Policy
>>>>
>>>> 8.4 Transfer Policy
>>>>
>>>> 8.5 Transfer Dispute Resolution Policy
>>>>
>>>> 8.6 Across Field Validation
>>>>
>>>> 8.7 Process for handing RAA Data Retention Waiver Requests
>>>>
>>>> 8.8 Registration Data Access Protocol (RDAP)
>>>>
>>>> 8.9 WHOIS Accuracy Reporting System (ARS)
>>>>
>>>> 8.10 Thick WHOIS Transition policy for .com, .net, .jobs
>>>>
>>>> Comments please
>>>> Maureen
>>>> _______________________________________________
>>>> ALAC mailing list
>>>> ALAC at atlarge-lists.icann.org
>>>> https://atlarge-lists.icann.org/mailman/listinfo/alac
>>>>
>>>> At-Large Online: http://www.atlarge.icann.org
>>>> ALAC Working Wiki:
>>>> https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
>>>
>>>
>>>
>>> --
>>> ------------------------------------------------------------------------
>>>
>>>
>>>
>>>
>>>
>>> *Seun Ojedeji, Federal University Oye-Ekiti web:
>>> http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535 **alt
>>> email: <http://goog_1872880453>seun.ojedeji at fuoye.edu.ng
>>> <seun.ojedeji at fuoye.edu.ng>*
>>>
>>> Bringing another down does not take you up - think about your action!
>>>
>>>
>>> _______________________________________________
>>> ALAC mailing list
>>> ALAC at atlarge-lists.icann.org
>>> https://atlarge-lists.icann.org/mailman/listinfo/alac
>>>
>>> At-Large Online: http://www.atlarge.icann.org
>>> ALAC Working Wiki:
>>> https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
>>>
>>>
>>> _______________________________________________
>>> ALAC mailing listALAC at atlarge-lists.icann.orghttps://atlarge-lists.icann.org/mailman/listinfo/alac
>>>
>>> At-Large Online: http://www.atlarge.icann.org
>>> ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
>>>
>>>
>>> --
>>> Olivier MJ Crépin-Leblond, PhDhttp://www.gih.com/ocl.html
>>>
>>>
>>
>> --
>> ------------------------------------------------------------------------
>>
>>
>>
>>
>>
>> *Seun Ojedeji, Federal University Oye-Ekiti web:
>> http://www.fuoye.edu.ng <http://www.fuoye.edu.ng> Mobile: +2348035233535 **alt
>> email: <http://goog_1872880453>seun.ojedeji at fuoye.edu.ng
>> <seun.ojedeji at fuoye.edu.ng>*
>>
>> Bringing another down does not take you up - think about your action!
>>
>>
>> _______________________________________________
>> ALAC mailing list
>> ALAC at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/alac
>>
>> At-Large Online: http://www.atlarge.icann.org
>> ALAC Working Wiki:
>> https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
>
>
> --
> Olivier MJ Crépin-Leblond, PhDhttp://www.gih.com/ocl.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/alac/attachments/20190506/29411c52/attachment.html>