On 03/05/2014 02:40 PM, João Damas wrote:
>
> perhaps there is a need to separate the problem into tractable
> chunks. For the part of the problem about authenticating the
> recursive resolver (the fake 8.8.8.8 problem) we probably need a
> different solution than for the metadata snooping problem (who is
> asking for what). Perhaps it might be the case there are already
> existing features that can be used to get what we need (e.g. SIG(0)
> for the recursive resolver, wild!) and, as Roy Arends was
> mentioning over a few drinks, onion-like routing to separate the
> who from the what in questions in an effective manner. These could
> be even user-triggered on demand for certain traffic types (For
> instance as a consequence of turning on private browsing in a
> browser), so the overhead penalties are only incurred for the
> desired subset of traffic.
>

+1.

I don't want to fight about requirements for 10 years, and it does look like there are different and competing views as to what constitutes confidentiality here. So a split into several problems, which can have shared or separate solutions, seems like a good start.

Jelte

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop