Chiming in here, as an operator of a DNS server or two and an Australian resident. (no other hats)
I have been watching the Data Retention shenanigans for some time, and I doubt I would be far wrong to say that there really aren't many Australian networking companies nor professionals who like the idea. Speaking with more self interest, I am happier with the DNS clarifications in the FAQ. It at least allows me to continue to operate a DNS server or two in Australia without having to heavily engage with a legal team and stacking boxes of paperwork to a ceiling. Also, it might be worth clarifying that (after having heard from the Attorney General's Panel at AusNOG last week) that "data retention obligations for the hosting of the server" essentially means "where is the server, and when did it start/stop" One then certainly has to ask oneself, since DNS query history is akin to browsing history and thus a function of subject data vis-a-vis content which is said to equal invasion of privacy. What is the point? The observation has been made that it seems like a lot of work for very little benefit to the Attorney General's department or anyone else. Does this ease the concerns of one government's oversight of internet infrastructure within the DPRIVE remit, probably - but doesn't remove the underlying premise. Cheers Terry On 1/09/2015 5:53 pm, "dns-privacy on behalf of Stephane Bortzmeyer" <[email protected] on behalf of [email protected]> wrote: >Interesting: > >Australian government's "DATA RETENTION Frequently Asked Questions for >Industry" ><https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/DataRetent >ionIndustryFAQS.pdf> > >Note a new section on the DNS: > >8.3. Where I operate a Domain Name System (DNS) server, what data >retention >obligations do I have for this service? (NEW) >* The operation of the DNS is not a "relevant service", as it does not >carry communications or > enable communications to be carried. While a DNS server is convenient >to the carriage of > communications, it is not so central to the carriage of >communications that it enables them. >* Therefore, the operation of a DNS server does not have data retention >obligations. >* However, where the provider hosts the DNS server, it will have data >retention obligations for the > hosting of the server. >8.4. Where I offer an internet access service, do I have to retain DNS >requests from my >customers? (NEW) >* Where a provider offers an internet access service, the internet >access service provider does not > have to keep any DNS information. >* The DNS server is a "destination on the internet" and retaining that >information would reveal > browsing history. > >_______________________________________________ >dns-privacy mailing list >[email protected] >https://www.ietf.org/mailman/listinfo/dns-privacy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
