On 16 Dec 2021, at 7:07 pm, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote:
On Thu, Dec 16, 2021 at 08:59:42AM +0100, Moritz Müller via dns-wg <dns-wg@ripe.net> wrote a message of 179 lines which said:
I was wondering: Why does the EC believe that the resolvers users currently rely on (e.g. provided by their ISP) provide “low-quality”? Are there any studies about this?
One possible response is that the people who write these statements don't know what they are talking about. But of course, I cannot believe that. So, another possible response: in Brussels, they see that some users move away from the IAP resolver to a public resolver, so there is probably a reason for that. (Unfortunately, DNS4EU may not address this reason.)
DNS resolutiuon is, economically speaking, a wasteland - users don't pay for queries so the infrastructure that handles queries is bundled up with other services, which is what your ISP does. But users don't generally decide on an IUSP based on the quality of that ISP’s DNS so the DNS department is part of the cost part of the business, not a revenue generator, so it gets little attention. Some ISPs have attempted to change this by monetising queries (selling the query logs) or changing responses (NXDOMAIN substitution) but such efforts has been generally regarded with extreme disfavor. So the DNS resolution environment limps along. There is however one party who feels that it has a legitimate business interest in an “honest” DNS, and that party is of course Google. NXDOMAIN substitution is a direct competitor to Google’s search services, and their search services are a key component of their core revenue. So for precisely the same reason why Google pay other folk money to make Google the default search engine on their platforms, spending money to create a blazing fast and accurate and honest DNS resolver is, for Google, money well spent. The problem for everyone else is the incursion of a US private entity into the heart of the Internet’s name resolution infrastructure. Over the past 16 months the number of EU users who pass queries to Google’s Public DNS has risen from a little over 15% to touching 30% - i.e.its market share in Europe has doubled in a little over one year! (https://stats.labs.apnic.net/rvrs/XE?hc=XE&hl=1&hs=0&ht=10&w=1&t=10&s=1) If you are working in the EC and you see yet another piece of the Internet’s digital communications infrastructure (and in the case of the DNS a very important and highlky informative piece if you were to peek at the data stream) being aggregated and centralized by a gigantic US entity, then wouldn’t you be a little bit disconcerted? I know I would! So I think this is not really about the quality of the alternatives available for European users (and ISPs) in the DNS resolution market. It's more about the observation that piece by piece and bit by bit the decentralised Internet is being centralized, and from an EU perspective its being centralised into non-EU private sector corporate domains. Although, if you care about DNSSEC, DoH, and similar then you might look at the piecemeal story about the adoption of DNSSEC validation in Europe (https://stats.labs.apnic.net/dnssec/XE?hc=XE&hx=0&hv=1&hp=1&hr=1&w=1&p=0) and ask youself why the adoption opf DNSSEC validation in Europe correlates with the expansion of Google DNS’s use footprint). If you care about such things and wanted to do something about it without simply handing over even more market presence to Google then you might want to try to stimulate local initiatives to improve the capability of DNS resolution infrastructure in the region. Geoff