| rfc8932v3.txt | rfc8932.txt | |||
|---|---|---|---|---|
| skipping to change at line 244 ¶ | skipping to change at line 244 ¶ | |||
| relevant documents is listed in Appendix A for reference. | relevant documents is listed in Appendix A for reference. | |||
| 4. Terminology | 4. Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| DNS terminology is as described in [RFC8499] except that the | DNS terminology is as described in [RFC8499], except with regard to | |||
| definition of privacy-enabling DNS server in Section 6 of [RFC8310] | the definition of privacy-enabling DNS server in Section 6 of | |||
| is modified. We restate it to include the requirement that a DNS | [RFC8499]. In this document we use the full definition of a DNS over | |||
| over (D)TLS server should also offer at least one of the credentials | (D)TLS privacy-enabling DNS server as given in [RFC8310], i.e., that | |||
| such a server should also offer at least one of the credentials | ||||
| described in Section 8 of [RFC8310] and implement the (D)TLS profile | described in Section 8 of [RFC8310] and implement the (D)TLS profile | |||
| described in Section 9 of [RFC8310]. | described in Section 9 of [RFC8310]. | |||
| Other Terms: | Other Terms: | |||
| RPS: Recursive operator Privacy Statement; see Section 6. | RPS: Recursive operator Privacy Statement; see Section 6. | |||
| DNS privacy service: The service that is offered via a privacy- | DNS privacy service: The service that is offered via a privacy- | |||
| enabling DNS server and is documented either in an informal | enabling DNS server and is documented either in an informal | |||
| statement of policy and practice with regard to users privacy or a | statement of policy and practice with regard to users privacy or a | |||
| skipping to change at line 1465 ¶ | skipping to change at line 1466 ¶ | |||
| the specific techniques and the categorizations are described in more | the specific techniques and the categorizations are described in more | |||
| detail in the following sections. The list of techniques includes | detail in the following sections. The list of techniques includes | |||
| the main techniques in current use but does not claim to be | the main techniques in current use but does not claim to be | |||
| comprehensive. | comprehensive. | |||
| +===========================+====+===+====+===+====+===+===+ | +===========================+====+===+====+===+====+===+===+ | |||
| | Categorization/Property | GA | d | TC | C | TS | i | B | | | Categorization/Property | GA | d | TC | C | TS | i | B | | |||
| +===========================+====+===+====+===+====+===+===+ | +===========================+====+===+====+===+====+===+===+ | |||
| | Anonymization | X | X | X | | | | X | | | Anonymization | X | X | X | | | | X | | |||
| +---------------------------+----+---+----+---+----+---+---+ | +---------------------------+----+---+----+---+----+---+---+ | |||
| | Pseudoanonymization | | | | X | X | X | | | | Pseudonymization | | | | X | X | X | | | |||
| +---------------------------+----+---+----+---+----+---+---+ | +---------------------------+----+---+----+---+----+---+---+ | |||
| | Format preserving | X | X | X | X | X | X | | | | Format preserving | X | X | X | X | X | X | | | |||
| +---------------------------+----+---+----+---+----+---+---+ | +---------------------------+----+---+----+---+----+---+---+ | |||
| | Prefix preserving | | | X | X | X | | | | | Prefix preserving | | | X | X | X | | | | |||
| +---------------------------+----+---+----+---+----+---+---+ | +---------------------------+----+---+----+---+----+---+---+ | |||
| | Replacement | | | X | | | | | | | Replacement | | | X | | | | | | |||
| +---------------------------+----+---+----+---+----+---+---+ | +---------------------------+----+---+----+---+----+---+---+ | |||
| | Filtering | X | | | | | | | | | Filtering | X | | | | | | | | |||
| +---------------------------+----+---+----+---+----+---+---+ | +---------------------------+----+---+----+---+----+---+---+ | |||
| | Generalization | | | | | | | X | | | Generalization | | | | | | | X | | |||
| skipping to change at line 1763 ¶ | skipping to change at line 1764 ¶ | |||
| b. Data collected in logs. We do keep some generalized location | b. Data collected in logs. We do keep some generalized location | |||
| information (at the city / metropolitan-area level) so that | information (at the city / metropolitan-area level) so that | |||
| we can conduct debugging and analyze abuse phenomena. We | we can conduct debugging and analyze abuse phenomena. We | |||
| also use the collected information for the creation and | also use the collected information for the creation and | |||
| sharing of telemetry (timestamp, geolocation, number of hits, | sharing of telemetry (timestamp, geolocation, number of hits, | |||
| first seen, last seen) for contributors, public publishing of | first seen, last seen) for contributors, public publishing of | |||
| general statistics of system use (protections, threat types, | general statistics of system use (protections, threat types, | |||
| counts, etc.). When you use our DNS services, here is the | counts, etc.). When you use our DNS services, here is the | |||
| full list of items that are included in our logs: | full list of items that are included in our logs: | |||
| * Request domain name -- e.g., example.net | * Requested domain name -- e.g., example.net | |||
| * Record type of requested domain -- e.g., A, AAAA, NS, MX, | * Record type of requested domain -- e.g., A, AAAA, NS, MX, | |||
| TXT, etc. | TXT, etc. | |||
| * Transport protocol on which the request arrived -- i.e., | * Transport protocol on which the request arrived -- i.e., | |||
| UDP, TCP, DoT, DoH | UDP, TCP, DoT, DoH | |||
| * Origin IP general geolocation information -- i.e., | * Origin IP general geolocation information -- i.e., | |||
| geocode, region ID, city ID, and metro code | geocode, region ID, city ID, and metro code | |||
| End of changes. 3 change blocks. | ||||
| 6 lines changed or deleted | 7 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||