• Kick-off question from Sandra: Who are we designing encrypted DNS protocols for?
    • Idea from Benno (who couldn't be present in the session): these protocols need to be designed to work for everybody.
    • Alec: I don't think "designing for everybody" would go well. DNS is a distributed protocol; it is a distributed database. It is very presumpuous of us to designate threat models onto third parties. Telling users how much privacy they are allowed to have (i.e., the security/privacy properties of encrypted DNS protocols) will inevitable have consequences. It may drive them underground.
    • Sandra: I agree, but most people don't know what DNS is, nor DoT/DoH. They don't necessarily know what decisions to make.
    • Paul: Historically, the IETF has been pretty bad at predicting user behavior. The development of the Internet in general has shown that every new protocol has been bent (and that may be one of the charms of the Internet!) There's clearly a need for better education. The best we can do right now is "turn loose" a bunch of stuff (e.g., protocols) and see what sticks.
    • Paras: Until now, every presentation I've heard on encrypted DNS has been about how to get the lowest latency. Alec, I like that your presentation doesn't just focus on getting the lowest latency, but rather something that's acceptable. However, I have kids in my house, and they're really impatient. If I ask my 13 y/o, they just want the fastest protocol; they're not as concerned about privacy. Thus, the decisions we make about protocols and tradeoffs between latency/privacy are very individualistic.
    • Alec: In my experience, waiting for Netflix with DoHoT is not too bad. It's no worse than using 4G in a well-served area. Occasionally, you go through days where there's extra latency for a brand new domain name that isn't cached, but otherwise that's lost in the noise. I can't speak for your kid, but I'm just happy to make something that just works. I want to make the point that latency is a budget, not a cost.
    • Simone: Because of my work with OONI, I spend a lot of time speaking with users not in the West. I am humbled by the amount of information these people have about censorship, and how to circumvent it, e.g. with DoT/DoH/VPNs. They know this out of necessity. I believe that on the one hand saying that users are "dumb" is true to an extent, but we have to qualify this statement. Increasingly, this is not becoming the case. Who am I designing for: everyone where "everyone" means people that have difficulties using it. I would encourage us to design stuff that considers everyone in the world.
    • Sudheesh: I did not mean to say that users are "dumb." I agree with the idea that latency and performance are not everything. There are a huge number of people that don't even have cellular connectivity. However, we can't neglect the idea that latency and performance matter. The goal should be to drive down latency while increasing connectivity and increasing security/privacy.
    • Alec: Imagine you worked for a really large social network. They have to deal with the fact that people have satellite links, and people are joining the network from less well-connected networks. You may want to build caches that are close to these users. Why not, then, address the question of making DNS fast for everyone by having a "local" version of ODoH (or DoHoT) that works in local networks, rather than a centralized solution?