The enterprise as well. I’m certain many are blindly unaware as this could have negative impacts beyond traditional control.
J~

> On Mar 11, 2020, at 20:43, Owen DeLong <o...@delong.com> wrote:
>
>> On Mar 11, 2020, at 18:31 , Rubens Kuhl <rube...@gmail.com> wrote:
>>
>>> On Tue, Mar 10, 2020 at 5:30 PM Owen DeLong <o...@delong.com> wrote:
>>> For anyone considering enabling DOH, I seriously recommend reviewing Paul
>>> Vixie’s keynote at SCaLE 18x Saturday morning.
>>>
>>> https://www.youtube.com/watch?v=artLJOwToVY
>>>
>>> It contains a great deal of food for thought on a variety of forms of
>>> giving control over to corporations over things you probably don’t really
>>> want corporations controlling in your life.
>>>
>>
>> Depends on your threat model: ISPs, Big Tech companies, State-level actors,
>> random hacker at the same Wi-Fi network. The problem with DoH is that
>> software developer picks the threat model he or she thinks is most relevant,
>> and applies to all use cases.
>>
>> Solution is to ask user what is the user threat model and apply it. DoH/DoT
>> are not harmful per se, their indiscriminate usage is.
>>
>>
>> Rubens
>>
>
> Yes and no…
>
> DOH isn’t inherently bad, but every implementation of DOH that I am aware of
> involves depriving the user of choice and/or control and also depriving
> network operators of the ability to enforce the “my network, my rules”
> concept.
>
> While I realize some may argue that this is desirable in some instances,
> understand that I’m not talking about the ISP level, but even within the
> home. Parents should be able to enforce DNS policy on their children, for
> example. DOH allows the average child to generally bypass any such
> limitations. Worse, most parents are unlikely to even realize that this is
> the case.
>
> Owen
>