On Sunday, August 2, 2015 7:44 AM, Paul Wouters wrote: > ... > DNS privacy would help but then you should also be unwilling to use any > random wifi network's DNS server, and build a VPN to a trusted DNS > server farm. > > I would say let DPRIVE solve the DNS privacy for all DNS RRtypes.
Uh, No. DPRIVE is chartered to solve a different problem: prevent observers from gleaning meta-data by looking at the DNS requests originating from a client. I am concerned that we cannot keep email addresses and PGP keys private if we publish them in the DNS. Data published in the DNS is there to be read by everybody, there is no access control whatsoever. If we are concerned with the privacy of email addresses, then we should not publish them in the DNS. In that case, we would need a specialized service, probably incorporating some form of control based on a "social graph." -- Christian Huitema _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
