> On 5 Mar 2014, at 11:20, "Hosnieh Rafiee" <i...@rozanak.com> wrote: > > Why don't we need confidentiality with open resolvers like google? > One might not like that anybody on his/her network knows what he is > browsing. This is a part of privacy.
Right. Encrypting to distant resolvers has to be at least as important as local ones. The usual argument against encryption does not apply since there will be eavesdroppers who cannot also see the user's non-DNS traffic. I think dnse is important because it removes an obstacle to putting interesting data in the DNS. At the moment your DNS traffic might reveal that you are doing email but not who with. If your MUA starts looking up PGP or S/MIME keys then privacy becomes a lot more important. Email is just an example; I am sure there are other really interesting uses for a more secure DNS. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
