[prev in list] [next in list] [prev in thread] [next in thread]
List: afnog
Subject: Re: [afnog] Trusted Recursive Resolver (DoH)
From: Iyedi Goma <iyedigoma () gmail ! com>
Date: 2019-04-02 16:49:07
Message-ID: CAAqM9kHwjb28fb0mWBgxCXzzO89FSAn8QC1gPN-HwDnySPJqNA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
hello SM
i'll comment inline
Le mar. 2 avr. 2019 =C3=A0 17:26, S. Moonesamy <sm+af@afrinic.net> a =C3=A9=
crit :
> Dear Serge,
> At 01:21 AM 02-04-2019, Iyedi Goma wrote:
> >i m very glad to reed your email , in wich i have a specific interest;
>
> Thank you for the interest in the topic. I'll comment inline.
>
> >in this specific case the questions could be if is good or bad in
> >the situation where you don't trust your ISP , yes using remote
> >resolution could be good
>
> In my opinion, that is a good question.
>
> >2-DNS is an application level service no more in network layer
> > the question may be if is good or bad, one of the mojor argument
> > of those who promoted DoH like mozilla they strongly think that the
> > application provider is smarter than the user, and is honest but we
> > can raise the point where application is smarter than the user and
> > is dishonest ...
> >it will be bad if the remote DoH server provided by the application
> >maker fails , if the application maker's interests and the user's
> >interests are in conflit or opposite
>
> I haven't had time to follow how Mozilla is promoting DoH in or
> outside the region. As you mentioned, the interests of the
> application provider could be in conflict with the interests of the user.
>
> >3- if the DOH as default this will mean each application maker can
> >hardwire their own remote resolver
> >
> >**** this will concentrate more power to browser makers like apple,
> >mozilla, google,microsoft they will have 90% of market control ,90%
> >of world's web traffic and resolution, and they are all in the same
> >country and juridiction, you can easlily imagine how the new world
> >will became ?
>
> This is not directly related to the above. There is an academic
> paper which mentioned that there was "a considerable degree of
> consolidation within the DNS space between November 2011 and May 2017".
>
> >my last point is about performance and the cost
> >i'm not an expert on mesure, but people need to think about the
> >impact on this pushing dns trafic via http will rise trafic on
> >network, it may seems no thing according to some perpective but when
> >you have thousand of users sending queries by https the volume of
> >ISP traffic will increase,
> >we know that 70% of Internet users in Africa use mobile (gsm) whith
> >the model of payement based on volume use, more data you use more
> >you paye, i don't have any statistique on this but surely this will
> >cost some thing.
>
> There are some statistics at
>
> https://www.itu.int/en/ITU-D/Statistics/Documents/statistics/2018/Mobile_=
cellular_2000-2017_Dec2018.xls
>
>
tks for the link i will find time to analyze
> >all this debate is about havening appropriate policies, and them
> >the question is if you trust you ISP, if you trust your regulator
> policies?
>
> Yes.
>
> >we are at the point of dilemma on who should chooses ours
> >resolvers? the user, the isp? the browser? and who should be
> >entitled to apply does policies the government,the resolver??....
>
> There are various forums in which those matters are discussed. Some
> of them are at the national level.
>
yes like IGF, which can be a nice plateforme to exchange, once again this
may need a good debate
in our region we have several IGF process it will be good that those items
feets with the local realities and the follow up after the event
tks
>
> Regards,
> S. Moonesamy
>
>
[Attachment #5 (text/html)]
<div dir="ltr"><div>hello SM</div><div>i'll comment inline<br></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">Le mar. 2 avr. 2019 Ã 17:26, \
S. Moonesamy <<a href="mailto:sm%2Baf@afrinic.net">sm+af@afrinic.net</a>> a \
écrit :<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Dear Serge,<br> At \
01:21 AM 02-04-2019, Iyedi Goma wrote:<br> >i m very glad to reed your email , in \
wich i have a specific interest;<br> <br>
Thank you for the interest in the topic. I'll comment inline.<br>
<br>
>in this specific case the questions could be if is good or bad in <br>
>the situation where you don't trust your ISP , yes using remote <br>
>resolution could be good<br>
<br>
In my opinion, that is a good question.<br>
<br>
>2-DNS is an application level service no more in network layer<br>
> the question may be if is good or bad, one of the mojor argument <br>
> of those who promoted DoH like mozilla they strongly think that the <br>
> application provider is smarter than the user, and is honest but we <br>
> can raise the point where application is smarter than the user and <br>
> is dishonest ...<br>
>it will be bad if the remote DoH server provided by the application <br>
>maker fails , if the application maker's interests and the user's <br>
>interests are in conflit or opposite<br>
<br>
I haven't had time to follow how Mozilla is promoting DoH in or <br>
outside the region. As you mentioned, the interests of the <br>
application provider could be in conflict with the interests of the user.<br>
<br>
>3- if the DOH as default this will mean each application maker can <br>
>hardwire their own remote resolver<br>
><br>
>**** this will concentrate more power to browser makers like apple, <br>
>mozilla, google,microsoft they will have 90% of market control ,90% <br>
>of world's web traffic and resolution, and they are all in the same <br>
>country and juridiction, you can easlily imagine how the new world <br>
>will became ?<br>
<br>
This is not directly related to the above. There is an academic <br>
paper which mentioned that there was "a considerable degree of <br>
consolidation within the DNS space between November 2011 and May 2017".<br>
<br>
>my last point is about performance and the cost<br>
>i'm not an expert on mesure, but people need to think about the <br>
>impact on this pushing dns trafic via http will rise trafic on <br>
>network, it may seems no thing according to some perpective but when <br>
>you have thousand of users sending queries by https the volume of <br>
>ISP traffic will increase,<br>
>we know that 70% of Internet users in Africa use mobile (gsm) whith <br>
>the model of payement based on volume use, more data you use more <br>
>you paye, i don't have any statistique on this but surely this will <br>
>cost some thing.<br>
<br>
There are some statistics at <br>
<a href="https://www.itu.int/en/ITU-D/Statistics/Documents/statistics/2018/Mobile_cellular_2000-2017_Dec2018.xls" \
rel="noreferrer" target="_blank">https://www.itu.int/en/ITU-D/Statistics/Documents/statistics/2018/Mobile_cellular_2000-2017_Dec2018.xls</a><br>
<br></blockquote><div><br></div><div>tks for the link i will find time to analyze \
<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> >all this debate \
is about havening appropriate policies, and them <br> >the question is if you \
trust you ISP, if you trust your regulator policies?<br> <br>
Yes.<br>
<br>
>we are at the point of dilemma on who should chooses ours <br>
>resolvers? the user, the isp? the browser? and who should be <br>
>entitled to apply does policies the government,the resolver??....<br>
<br>
There are various forums in which those matters are discussed. Some <br>
of them are at the national \
level.<br></blockquote><div><br></div><div><br></div><div>yes like IGF, which can be \
a nice plateforme to exchange, once again this may need a good debate</div><div>in \
our region we have several IGF process it will be good that those items feets with \
the local realities and the follow up after the \
event</div><div><br></div><div><br></div><div>tks<br></div><blockquote \
class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid \
rgb(204,204,204);padding-left:1ex"> <br>
Regards,<br>
S. Moonesamy <br>
<br>
</blockquote></div></div>
_______________________________________________
afnog mailing list
https://www.afnog.org/mailman/listinfo/afnog
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic