,
18 tweets,
8 min read
Read on Twitter
"DoH" is an expression many associate with this guy 👇👇👇 rather than a web-based encryption technology at the center of political controversy.
1/18
1/18
Now that I have had some time to recover from the fact that the opaque #IETF protocols I study are front-page news, here are some thoughts on DoH from an anthro who spends a lot of time w the companies that develop & implement it.
F R O N T P A G E
wsj.com/articles/googl… 3/
F R O N T P A G E
wsj.com/articles/googl… 3/
First, Doh stands for DNS over HTTPS. This stands for Domain Name System over Hyper Text Transfer Protocol Secure.
The DNS is like the phonebook of the Internet, connecting website names to their corresponding IP addresses. 4/18
The DNS is like the phonebook of the Internet, connecting website names to their corresponding IP addresses. 4/18
It is also one of the few unencrypted parts that make up the invisible infrastructure of the Internet.
Making it like the only bank in town w/o a vault. Or the only to send out bank statements in transparent envelopes.
[enter your own Willie Sutton DNS pun here] 5/18
Making it like the only bank in town w/o a vault. Or the only to send out bank statements in transparent envelopes.
[enter your own Willie Sutton DNS pun here] 5/18
The websites you look up, like bank statements, say a lot about who you associate with, where you go, and what you are interested in.
Potentially sensitive data, with potential real consequences if used by actors with malicious intent.
6/18
Potentially sensitive data, with potential real consequences if used by actors with malicious intent.
6/18
This lack of encryption means the DNS is currently used by governments & hackers alike to achieve their policy aims, whether this is stealing personal information, enforcing parental controls, or censoring wikipedia and, ofcourse... porn.
arstechnica.com/tech-policy/20…
7/18
arstechnica.com/tech-policy/20…
7/18
Whether this is a good or bad use of the DNS has pitted different stakeholders against each other:
Govt's VS. civil liberties NGOs
Network operators VS. browsers
DNs folks VS. other DNS folks
etc. etc. etc.
8/18
Govt's VS. civil liberties NGOs
Network operators VS. browsers
DNs folks VS. other DNS folks
etc. etc. etc.
8/18
Whether DoH is the answer to this situation has also pitted different stakeholders against each other:
ISPs + telcos VS. browsers + their chosen DNS operators
etc. etc. etc.
9/18
ISPs + telcos VS. browsers + their chosen DNS operators
etc. etc. etc.
9/18
In that process, these discussions are converging as the ISPs + telcos are reaching out to govt's citing DoH #antitrust concerns.
(I will leave it to someone else to write a thread unpacking whether these concerns are the pot calling the kettle black). 10/18
(I will leave it to someone else to write a thread unpacking whether these concerns are the pot calling the kettle black). 10/18
How this tug of war plays out is likely to have several complicated effects for all of us hanging out on the web.
I highlight 3 below:
11/18
I highlight 3 below:
11/18
1. Who do you trust?
DoH can bring real privacy protections, but it does require trust i/t DNS resolvers that browsers chose. i.e. it involves trusting #Google (& its choice of DNS resolver errrrrr... Google) or trusting Mozilla (and its choice #Cloudflare) mean better #privacy.
DoH can bring real privacy protections, but it does require trust i/t DNS resolvers that browsers chose. i.e. it involves trusting #Google (& its choice of DNS resolver errrrrr... Google) or trusting Mozilla (and its choice #Cloudflare) mean better #privacy.
2. Who watches the Internet Watchmen?
Currently, _a lot_ Internet traffic runs through Google. DoH could give them singular access to user data by cutting off ISP and telcos from these streams. Who watches Google to see if they use this "great power with great responsibility"?
Currently, _a lot_ Internet traffic runs through Google. DoH could give them singular access to user data by cutting off ISP and telcos from these streams. Who watches Google to see if they use this "great power with great responsibility"?
3. Who runs the Internet?
The Internet is consolidating, meaning it is increasingly run by a decreasing number of companies. This shifts the power relations between these companies. DoH has the potential to change this balance in favor of current behemoths, like Google.
14/18
The Internet is consolidating, meaning it is increasingly run by a decreasing number of companies. This shifts the power relations between these companies. DoH has the potential to change this balance in favor of current behemoths, like Google.
14/18
How? Well.. that's TBD. But here are some civil society folks involved in the debate you could ask:
@EFF: eff.org/deeplinks/2019…
as well as @JoeBeOne @MalloryKnodel @GurshabadGrover
@teirdes @bortzmeyer
15/18
@EFF: eff.org/deeplinks/2019…
as well as @JoeBeOne @MalloryKnodel @GurshabadGrover
@teirdes @bortzmeyer
15/18
And here are some researchers following the debates whose work you might want to read:
@IGPAlert: internetgovernance.org/2019/09/30/wai…
as well as @nickdoty @nielstenoever @LauraDeNardis and this spiffy collection of folks: twitter.com/i/timeline
16/18
@IGPAlert: internetgovernance.org/2019/09/30/wai…
as well as @nickdoty @nielstenoever @LauraDeNardis and this spiffy collection of folks: twitter.com/i/timeline
16/18
As for my PhD research, if anything this debate shows the complexity behind understanding the social impact of protocols.
17/18
17/18
And the complexity of being an NGO employed technologist caught i/t debate. DoH raising thorny dilemmas re:
- which concerns to privilege: privacy or consolidation?
- which (strange) bedfellows to make: gov't or google?
- which strategies forward: legal or network code? 18/18
- which concerns to privilege: privacy or consolidation?
- which (strange) bedfellows to make: gov't or google?
- which strategies forward: legal or network code? 18/18
