this will be my last post on this topic; happy to continue on DHCP matters.
Ted Lemon wrote:
... In fact, though, the people who are currently providing DoH service
actually have much greater visibility into the malware problem than you
possibly can. ...
this is a false equivalence.
i have responsibility for my network's security. the DoH provider does not.
i _will_ know what's targetting me. the DoH provider _might_ know.
i know my policies and tradeoffs. the DoH provider will not know.
if i choose to outsource my perimeter defense, that's one thing. but to
have a visitor or BYOD or malware or employee or family member decide to
do this, is quite another.
the DoH team has badly misunderstood a full segment of the community,
and the resulting knee-jerk ignorant politics-based engineering is going
to have a very long tail of foreseeable negative side effects.
-- P Vixie
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop