[Cryptography] Let's not talk about DoH, or Well, that only took ten years

John Levine johnl at iecc.com
Sat Aug 17 09:41:15 EDT 2019

In article <CABrRNSVPC8N=TpN4G8r+d0JnmR8X7X8PdfLKFQ-eVr6=FOpzpw at mail.gmail.com> you write:
>The next major advance in browser PKI is already here in Firefox. It is DNS
>over HTTPS which needs to be manually turned on (separately, the default
>resolver, provided by Cloudflare, also supports DNSSEC). ...

For anyone who hasn't been paying attention, DoH is an incredible can
of worms.  Yes, it protects your DNS query stream against snooping,
but you can get that much more cheaply with DNS over TLS or DoT,
described in RFC 8310.

Although there are some uncontroversial uses of DoH (e.g. letting
Javascript apps look up TXT and NAPTR records) its main point is to
hide the DNS traffic in HTTPS traffic and circumvent networks' DNS
filters.  If you believe that network managers are all malicious, a
surprisingly popular viewpoint in the IETF, this is good.  Those of us
who use DNS filters to keep our users away from malware droppers and
botnet command and control hosts, and use split horizon DNS so our
users can use local network resources, find it not good at all.

Where there are politically mandated DNS filters, e.g., the ones in
Quebec against gambling sites that compete with the provincial lotto,
even though it's technically easy to circumvent them, most people
don't.  If the politicians hear that a lot of people are circumventing
them via DoH, we can expect the filters to get a lot more intrusive,
not just using DNS, with a lot more collateral damage.  Be careful
what you wish for.

These two factions have been arguing past each other for at least a year
with no resolution in sight.  The arguments have nothing to do with the
technology of DoH, which is trivial, but with the politics of who controls
what gets onto whose networks.

This has nothing to do with cryptography, so let's not talk about it.
