Comments (5)
The end goal here I have is that the amount of Obfuscated traffic for any given resolver should be a small percentage of their resolutions. So, big resolvers (Google, Cloudflare, Fastly, Akamai, Apple, etc) would be on the hook to make sure they help the ecosystem by supporting obfuscation. Little guys, not so much.
The trick is how to get to this point. I want to ensure that the parties that benefit the most from the system (by getting control of a lot of traffic that they can shape towards them) also give back by helping ensure user privacy for other names. That's why the existing approach is a bit harsh.
You're right that right now, the requirement has two dimensions of burden:
- Every DoH server needs to support Obfuscation (they need the implementation complexity)
- Every DoH server may face an arbitrary amount of traffic burden
We can choose to mitigate this on either front. I'm wondering if we can do something to determine the scale of the resolver before we make it do obfuscation, too.
from draft-pauly-adaptive-dns-privacy.
I think that we definitely should clarify something here: we want to make sure that the incentive structure is aligned correctly, but at the same time there are very real concerns for feasible deployment.
I think that's potentially different from allowing folks to separate their operational requirements for deployment and provisioning their infrastructure, allowing flexibility around deployment is really important whatever the incentive structure.
from draft-pauly-adaptive-dns-privacy.
@mcmanus, @tfpauly, @erickinnear, is there still something to be done here? Can we close this?
from draft-pauly-adaptive-dns-privacy.
@tfpauly I think we can close this out as overcome by events.
from draft-pauly-adaptive-dns-privacy.
Agreed
from draft-pauly-adaptive-dns-privacy.
Related Issues (20)
- Require proxies to passthrough HTTP error codes from target
- [ODoH] Client bootstrapping concerns. How should client obtain T's SVCB/HTTPS records? HOT 13
- DEER: Clarification of SUDN HOT 3
- Clarification of expectations in certain NAT environments HOT 7
- Bump ODoH version HOT 1
- Clarification on Opportunistic with respect to dns://resolver.arpa HOT 2
- minor: provide ipv6hint in examples HOT 2
- Provide guidance about which status codes should be forwarded HOT 1
- Describe allowances for proxy authentication
- [ODoH] how is path specified in SVCB RR? HOT 2
- Remove normative references to add-resolver-discovery and adaptive-dns-privacy
- Discuss handling of 3xx responses
- Add "outside the IETF" to the abstract
- Fix idnits issues for ODoH HOT 1
- Clarify collusion limitations in security considerations
- Revisit normative requirements language in ODoH
- Clarify Tor "cost" in ODoH
- Polish registry contents
- Describe "experimental" details
- Address David's review
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from draft-pauly-adaptive-dns-privacy.