On Nov 26, 2018, at 8:17 AM, Warren Kumari <war...@kumari.net> wrote: > As you can guess from the name, VPNs-R-Us is sketchy
If you trust a VPN operator, you trust the VPN operator. What the rest of your message is asking is "can I partially trust the VPN operator to do X but not Y, and have all that be explicit?". 25+ years of IETF security experience would say either "no" or "yes, but in such a convoluted way that no one will actually understand it and now you've just slathered on complicated code that makes things worse". Once you are inside a network (the N in VPN), it's "my network, my policy" all over again. --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop