George,

I certainly agree. Noted for a revision.

Alex

From: George Michaelson [mailto:g...@algebras.org]
Sent: Thursday, 23 July 2015 18:52
To: Alexander Mayrhofer
Cc: dns-priv...@ietf.org; dnsop@ietf.org
Subject: Re: [DNSOP] draft-mayrhofer-edns0-padding

What does it mean to exceed the proffered EDNS0 buffer size with your padded 
response?

You're 'silent' on length, but surely the server should respect the EDNS0 size 
proffer as a limit?

On Thu, Jul 23, 2015 at 6:50 PM, Alexander Mayrhofer 
<alexander.mayrho...@nic.at> wrote:
Hi,

I had a discussion with Daniel Kahn Gillmor today, and we talked about his 
proposal to specify a padding option in TLS so that message-size based 
correlation attacks on encrypted DNS packets could be prevented. We continued 
discussing other options (such as "artificial" RRs in the additional section), 
and I floated the idea that we could use EDNS0 to include padding in DNS 
packets.

So, I've created a quick-and-dirty strawman proposal draft for this idea, and 
I'm happy to discuss this during tomorrow's DPRIVE session if we have time:

https://www.ietf.org/id/draft-mayrhofer-edns0-padding-00.txt

Bring out the pitchforks and torches :)

Alex

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
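
The size question raised in this thread, as an added example that is not part of the messages or of the draft: a responder sizes its EDNS0 padding option so the padded response never exceeds the UDP payload size the requestor advertised. The function names and the 128-byte block policy are assumptions; option code 12 is the value assigned later in RFC 7830, and the 512-byte floor comes from RFC 6891.

```python
import struct

PADDING_OPTION_CODE = 12   # assigned later in RFC 7830; the -00 draft predates it
OPTION_HEADER_LEN = 4      # OPTION-CODE (2 bytes) + OPTION-LENGTH (2 bytes)
MIN_UDP_PAYLOAD = 512      # RFC 6891: advertised sizes below 512 are treated as 512


def padding_option(unpadded_len, advertised_size, block=128):
    """Return the padding option bytes to append to the OPT RDATA.

    unpadded_len    -- response size in bytes before the option is added
    advertised_size -- requestor's UDP payload size from its OPT RR
    block           -- assumed policy: pad up to a multiple of this many bytes

    Returns b"" when not even an empty option fits under the limit.
    """
    limit = max(advertised_size, MIN_UDP_PAYLOAD)
    if unpadded_len > limit:
        # Padding is not the problem here; the response needs truncation.
        raise ValueError("response already exceeds the advertised size")
    min_len = unpadded_len + OPTION_HEADER_LEN
    if min_len > limit:
        return b""
    # Round up to the next block boundary, then clamp to the advertised size
    # so that padding alone can never push the response over the limit.
    target = min(-(-min_len // block) * block, limit)
    pad_len = target - min_len
    return struct.pack("!HH", PADDING_OPTION_CODE, pad_len) + bytes(pad_len)


def padded_size(unpadded_len, advertised_size, block=128):
    """Total response size once the padding option has been appended."""
    return unpadded_len + len(padding_option(unpadded_len, advertised_size, block))


if __name__ == "__main__":
    # Constructed (unpadded size, advertised size) pairs, not captured traffic.
    for unpadded, advertised in [(100, 4096), (1190, 1232), (510, 512)]:
        print(unpadded, advertised, padded_size(unpadded, advertised))
```

A caller that appends the option also has to increase the OPT RR's RDLENGTH by the length of the returned bytes.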