> On 3 Dec 2019, at 06:52, Meral Shirazipour <meral.shirazip...@ericsson.com> > wrote: > > I am the assigned Gen-ART reviewer for this draft. The General Area Review > Team (Gen-ART) reviews all IETF documents being processed by the IESG for the > IETF Chair. Please treat these comments just like any other last call > comments. > > For more information, please see the FAQ at > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq > <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>>. > > Document: draft-ietf-dprive-rfc7626-bis-03 > > Reviewer: Meral Shirazipour > Review Date: 2019-12-02 > IETF LC End Date: 2019-12-02 > IESG Telechat date: NA > > > Summary: This draft is ready to be published as Informational RFC with some > issues (I would recommend taking into consideration the comments received on > the mailing list)
Hi Meral, Thanks for the review! > > Major issues: > > Minor issues: > > Nits/editorial comments: > It would have been interesting to have this draft also mention the > additional/potential risks for non-web applications. IoT was briefly > mentioned in Section 3.6. What about other applications? Is there any other > privacy risks beyond just identifying the content being requested? > It is a good point but nothing really springs to mind in terms of additional concrete privacy risks I’ve seen documented that have been identified for non-web applications. There have been various reports of malware using DoH but they tend to identify attacks that are equally possible with other forms of encryption….. Sara.
_______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art
