> On Nov 20, 2018, at 9:01 PM, Joe Abley <jab...@hopcount.ca> wrote: > > Hi Alissa! > > On Nov 20, 2018, at 20:18, Alissa Cooper <ali...@cooperw.in> wrote: > >> I support Benjamin's first DISCUSS point. In addition to documenting the >> privacy considerations, I think it's important for this document to be >> crystal >> clear about who is meant to be doing the data collection -- namely, the >> server >> operator. There are some statements in the document that otherwise could be >> construed to be encouraging third-party passive monitoring of DNS traffic >> without explaining why, which seems like a problem: > > I think it may be worth exploring why that's a problem. > > I think a capture format should be oblivious to the circumstances of > the capture;
Ok. This document is not at all oblivious, though (see Section 3). I read the document to be implicitly assuming the server operator to be doing (or at least in control of) the data collection, which is why the two statements I pointed out seemed so striking for their lack of declaring that limitation. If the document was meant to be oblivious, it shouldn’t make normative (in the dictionary definition sense) claims about what is ideal, optimal, or necessary. Alissa > otherwise you're heading down a road well-trodden by such > ludicrous ideas as text format definitions putting restrictions on the > kinds of stories people can write, or scripts that are not to be used > to write particular words. > > The usefulness of a capture format is not improved by putting > conditions on its use, and neither is user privacy. The way to privacy > is surely to use transports where clear text is only available where > it needs to be visible. > > So I don't understand your comment. (Quite possibly I'm just being > dim; I just got home from Bangkok. I came the long way round.) > > I think providing use-cases in the document to illustrate what it's > for us good, but I don't think they should be prescriptive (in any > direction). > > > Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop