Re: [dns-privacy] Call for Adoption: draft-hzpa-dprive-xfr-over-tls

RIVE, and comments to the list, clearly stating your view. > > Please also indicate if you are willing to contribute text, review, etc. I support adoption of draft-hzpa-dprive-xfr-over-tls and am willing to review. -- Robert Edmonds ___ dns-priva

Re: [dns-privacy] Sketchy notes on DNS-over-TLS to authoritative servers

ervers with a separate NS query to DNSSEC-validate any signals encoded in NSDNAMEs. -- Robert Edmonds ___ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] DNS over TLS for zone transfers?

to help an inferior format. What does poor message decoding performance from a particular implementation have to do with DNS transaction confidentiality? (There are DNS implementations that advertise high query rates with filtering, so I'm skeptical that backwards inco

Re: [dns-privacy] DNS over TLS for zone transfers?

the transport. (BTW, one thing I wonder about is, for operators who *don't* use AXFR/IXFR on port 53 to distribute their zones, does the transport they use support confidentiality equivalent to TLS/SSH?) -- Robert Edmonds ___ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Scope of Privacy considerations

h the IETF has committed to mitigating (RFC 7258). This is a much broader issue than the existence or disclosure of personally identifiable data. -- Robert Edmonds ___ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] [internet-dra...@ietf.org: I-D Action: draft-bortzmeyer-dprive-step-2-00.txt]

ster a port for a “private use” protocol. -- Robert Edmonds ___ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Recharter discussion? (was DPRIVe Agenda requests for Berlin)

it) may be useful to an attacker. And key distribution between AXFR clients and servers is probably even more well understood than key distribution between resolver and authority. -- Robert Edmonds ___ dns-privacy mailing list dns-privacy@ietf.org

Re: [dns-privacy] Recharter discussion? (was DPRIVe Agenda requests for Berlin)

89 _53 or _853 ? -- Robert Edmonds ___ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy

Re: [dns-privacy] Deployment issues

Christian Huitema wrote: > Is this part of DPRIVE's charter? "...but it may also later consider mechanisms that provide confidentiality between Iterative Resolvers and Authoritative Servers, or provide end-to-end confidentiality of DNS transactions."

Re: [dns-privacy] DNS + 0-RTT

Unbound is fixed (PowerDNS has a feature request for round-robin, but > is currently also fixed (*)). Unbound actually does support both fixed and randomized, and the entropy is taken from an interesting place: the ID field from the query. -- Robert Edmonds

Re: [dns-privacy] DNS PRIVate Exchange

til the mid-1960s and was the first machine capable of supporting large networks that was considered secure against known plaintext attack. The KL-7 was also used by several NATO countries until 1983. -- Robert Edmonds ___ dns-privacy mailin