On Sun, Mar 18, 2018 at 5:27 PM Patrick McManus <pmcma...@mozilla.com> wrote:
> Obviously, using a central resolver is the downside to this approach - but > its being explored because we believe that using the right resolver can be > a net win compared to the disastrous state of unsecured local DNS and > privacy and hijacking problems that go on there. Its just a swamp out there > (you can of course disable this from about:studies or just by setting your > local trr.mode pref to 0 - but this discussion is meaningfully about > defaults.) > I believe that a good resolver makes all the difference. I'm just concerned about the privacy aspects of this, particularly since we're not really messaging this to users. Is there a reason we need a full 50% of Nightly population to get the data we need here? On that topic I'm interested in what data we expect to get, is it just comparing how the resolver performs from a variety of locations and for a variety of lookups? Is there some mechanism in place for users who's normal DNS resolver intentionally returns different results to global DNS (e.g. for region spoofing etc.)? > And in this case the operating agreement with the dns provider is part of > making that right choice. For this test that means the operator will not > retain for themselves or sell/license/transfer to a third party any PII > (including ip addresses and other user identifiers) and will not combine > the data it gets from this project with any other data it might have. A > small amount of data necessary for troubleshooting the service can be kept > at most 24 hrs but that data is limited to name, dns type, a timestamp, a > response code, and the CDN node that served it. > Not retaining IP addresses is good. Can they perform aggregate tracking of hostname requests, or tie common hostname requests from an origin together somehow? What is our recourse if they break this agreement (the recent Facebook debacle seems likely to make folks jumpy). _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
