by samgaw
2014 days ago
Tbh I think it's beyond reasonable to expect when you're paying for a service that your data (or your clients') isn't funneled into another sideline. And this particular question is great timing for me, so I hope you don't mind me doing a bit of market research and getting your feedback on a few things.
- Is this for personal domains or commercial?
- Are the clients 'sensitive' or do you want to protect PII out of principle?
- Do you expect to pay a premium (compared to larger providers) for client privacy?
- For records that have a distribution strategy like round robin or balanced by load, do you expect a client to receive the same result on subsequent requests?
- Is it acceptable to keep (for a record's TTL) a hash of the client's subnet and the response for the purposes of only returning consistent records, or do you consider this another flavour of tracking client IPs?
- How valuable are metrics/reporting to you? Is reporting query volume at the ASN or country level enough? Too much?
Thanks.

- Both
- Both
- Yes. I wish that weren't the case, but considering that I can't find a single provider so far who respects end user privacy, I would expect for one who does so to charge more.
- No. Ideally, the provider wouldn't keep any logs, so they wouldn't be aware that the same client was making a subsequent request.
- I guess it's completely up to the provider. As this would be the first privacy-respecting provider, they'll probably have to go all-in with privacy, if they wish to gain traction and popularity within the community. So no, I'd personally hope that they wouldn't do that. However, if this were an existing provider hoping to start becoming more private, yet they also have current customers for whom these features matter, then I guess workarounds like this are better than not being able to transition to better privacy in general. Or, even better, offer features like this for customers who need it, but allow them to be disabled from account settings for those who don't want it.
- To me, personally, I do not care at all about metrics. If a client is querying DNS, then it's because they're about to connect to one of my services (leaving cyberattacks out of the picture for the moment), at which point if I wanted to (which I don't) I could collect metrics. That being said, I don't think that, for those who want it, collecting generalized metrics at the country level, for example, would be unreasonable. And other metrics, such as DNS routing based on server "health checks" or number of resolution errors, etc. aren't bad either. It's just imperative that when the company collects these generalized metrics, they have a clear and perfect process of purging the metrics of all PII, and only saving the country name from which the request originated, for example.
No problem!
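
Added example, not written by either commenter and not any provider's code: a sketch of the "hash of the client's subnet, kept for one TTL" idea from the question above, showing exactly what state such a scheme retains. The class name `StickySelector`, the /24 and /48 prefix sizes, the HMAC key and the in-memory dict are all assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress
import os


class StickySelector:
    """Round robin that repeats a subnet's answer for one TTL, storing no IPs."""

    def __init__(self, records, ttl, v4_prefix=24, v6_prefix=48):
        self.records, self.ttl = list(records), ttl
        self.v4_prefix, self.v6_prefix = v4_prefix, v6_prefix  # assumed sizes
        self._key = os.urandom(32)  # lives in memory only
        self._cache = {}            # HMAC tag -> (record index, expiry time)
        self._next = 0

    def _tag(self, client_ip):
        ip = ipaddress.ip_address(client_ip)
        prefix = self.v4_prefix if ip.version == 4 else self.v6_prefix
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        # Keyed hash: a bare SHA-256 of a /24 falls to a 2**24-entry brute force.
        return hmac.new(self._key, str(net).encode(), hashlib.sha256).digest()

    def answer(self, client_ip, now):
        # Drop expired entries first so nothing outlives the record's TTL.
        self._cache = {t: v for t, v in self._cache.items() if v[1] > now}
        if not self._cache:
            # No live entry depends on the old key, so replace it and
            # let the previous key disappear with the expired tags.
            self._key = os.urandom(32)
        tag = self._tag(client_ip)
        if tag not in self._cache:
            self._cache[tag] = (self._next, now + self.ttl)
            self._next = (self._next + 1) % len(self.records)
        return self.records[self._cache[tag][0]]

    def stored_state(self):
        """Everything retained between queries, for audit."""
        return dict(self._cache)


if __name__ == "__main__":
    # Constructed sample data: documentation-range addresses only.
    s = StickySelector(["192.0.2.10", "192.0.2.11", "192.0.2.12"], ttl=300)
    for ip, t in [("198.51.100.7", 0), ("198.51.100.200", 10),
                  ("203.0.113.5", 20), ("198.51.100.7", 300)]:
        print(t, ip, "->", s.answer(ip, now=t))
    print("entries held:", len(s.stored_state()))
```

While an entry is live, the holder of the key can still test a candidate subnet against the stored tags, which is the residual linkability the question asks about.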