[NA-Discuss] Fwd: [Internet Policy] Mozilla public consultation on DNS over HTTPS

Jothan Frakes jothan at gmail.com
Thu Nov 19 23:26:50 UTC 2020

I appreciate your raising awareness of this comment period.

One concern that exists for DoH / DoT (or even DoQ) usage, is with respect
to providers - that one trusts the provider on what they might be
intervening with.  Typically, this is about what they are blocking and
why.  I suspect the focus is rather significant things being BLOCKED, but
how much attention is there on the things that they might ADD?   What is to
prevent a DoH provider from injecting their own TLDs or alternative roots
at the top level outside of the MSM processes and/or circumnavigating the
i* vetting processes like were used for .onion or other special use TLDs?

As many of the DoH providers are private and/or proprietary, something akin
to the commitment Mozilla adheres to for the Public Suffix List, where
things that are not compliant with the ICP-3 Document [
or have been vetted through IETF/IAB et al I* are excluded.  This helps
with continuity with respect to the root and TLDs that the resolution
process will (or won't) support.

If DoH providers pledge to only resolve the items in the ICP-3 root or
those strings carefully vetted via I* processes, and furthermore pledges to
mute or block any traffic from strings that are non-compliant being sent
out to the root nameservers, this would aid in a better measurement of Name
Collision data, and perform the valuable function of controlled
interruption in advance of the coveted next round, while playing a valuable
service in improving what outcomes we might see from things like Name
Collision noise measurement at the root.


Jothan Frakes

On Thu, Nov 19, 2020 at 12:06 PM Eduardo Diaz <eduardodiazrivera at gmail.com>

> If anyone cares to comment...
> -ed
> ---------- Forwarded message ---------
> From: Ayden Férdeline via InternetPolicy <internetpolicy at elists.isoc.org>
> Date: Thu, Nov 19, 2020 at 12:24 PM
> Subject: [Internet Policy] Mozilla public consultation on DNS over HTTPS
> To: ISOC INTERNETPOLICY <internetpolicy at elists.isoc.org>
> Dear all,
> I am sharing this public consultation for information purposes only.
> The Mozilla Corporation has launched a public consultation to crowd source
> ideas, recommendations, and insights that can help Mozilla to maximize the
> security and privacy-enhancing benefits of DNS over HTTPS before it is
> rolled out in Firefox outside of the United States. (Firefox users in the
> United States already benefit from it.)
> If of interest, you can find more information on how to submit a comment
> here:
> https://blog.mozilla.org/netpolicy/2020/11/18/doh-comment-period-2020/
> Comments are accepted until 4 January 2021.
> Best wishes,
> Ayden Férdeline
> _______________________________________________
> To manage your Internet Society subscriptions
> or unsubscribe, log into the Member Portal at
> https://admin.internetsociety.org/622619/User/Login
> and go to the Preferences tab within your profile.
> -
> View the Internet Society Code of Conduct:
> https://www.internetsociety.org/become-a-member/code-of-conduct/
> --
> *NOTICE:* This email may contain information which is confidential and/or
> subject to legal privilege, and is intended for the use of the named
> addressee only. If you are not the intended recipient, you must not use,
> disclose or copy any part of this email. If you have received this email by
> mistake, please notify the sender and delete this message immediately.
> ------
> NA-Discuss mailing list
> NA-Discuss at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/na-discuss
> Visit the NARALO online at http://www.naralo.org
> ------
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/na-discuss/attachments/20201119/2f6eb809/attachment-0001.html>

More information about the NA-Discuss mailing list