On Aug 20, 2018, at 07:48, Vittorio Bertola <vittorio.bert...@open-xchange.com> wrote:
>> Il 19 agosto 2018 alle 19.02 Doug Barton <do...@dougbarton.us> ha scritto: >> And Jason, you missed a threat model, which is users who want to bypass >> their ISP's resolver. > > I think that there should be a lot more attention to this "use case" in this > discussion. It seems to me that the designers of DoH have in their minds a > romantic picture of the dissident in some authoritarian country trying to > escape censorship and save her own life, so that being able to bypass the > local ISP, obviously run by evil government cronies, would be a good thing. > > However, in most of the world, the reality is that the biggest motivation for > people to try bypassing the ISP's resolver is to access illegal Web content > that has been filtered out at the DNS level, such as unauthorized gambling > websites, illegal pornography, "free" football live streams (which are > usually full of malware), etc. - not to mention bots trying to contact their > command and control server without incurring into RPZ-based filtering. These are the same use-case, just viewed with different bias. Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
