Re: Mozilla Firefox DoH to CloudFlare by default (for US users)?

[Ondřej Surý <ondrej@sury.org>]

On the privacy topic...

Slides: https://irtf.org/anrw/2019/slides-anrw19-final44.pdf

Paper: https://dl.acm.org/authorize.cfm?key=N687437

And you can get to the video recording from the ANRW 2019 pages: https://irtf.org/anrw/2019/program.html

We can discuss (and it has been discussed) ad nauseam, but the point is that nobody (certainly I am not) is asking for crippling DoH, but I just strongly believe it’s in the line with other Debian work that we should not send data to 3rd party DNS service without explicit user consent.

Otherwise it doesn’t make any sense to remove external links to logos and _javascript_ from the documentation and then send everything to one single US-based provider.

Ondrej

--

Ondřej Surý <ondrej@sury.org>

On 8 Sep 2019, at 23:29, Marco d'Itri <md@linux.it> wrote:

On Sep 08, Ondřej Surý <ondrej@sury.org> wrote:

I would rather see an explicit statement. I would be very surprised

with Debian’s usual stance regarding the users’ privacy that we would

not consider this as a privacy violation, but again I am not Firefox

maintainer in Debian and I would rather hear from them than speculate

on my own.

I think that this is a privacy enhancement, since it prevents some major
ISPs from spying on users DNS queries. When it will be enabled in other
countries it will prevent government-mandated (or "encouraged")
censorship.
It would be a terrible signal if Debian decided to disable an
anti-censoship feature provided by an upstream vendor.

--
ciao,
Marco