In article
you write:
>I support adoption, but I think we should consider a substantial
>simplification of the design, focusing on a consensus core of basic
>functionality.
Agreed. While I understand the motivation for this draft, the more I
look at it the less I understand the security model.
+1 to everything Joe wrote below. (There should be an automatic +1 to
things Joe writes.)
I'd like to suggest an approach to the issues of DNS forwarders + NATs of
varying depth/scope, but I think there may be some extra protocol work in
order to address these problems.
Also, I think there would
Moin!
On 5 Aug 2019, at 16:26, Paul Hoffman wrote:
As I said earlier in the thread, it is not a "need".
Some clients who want the information will want to use HTTPS because
that's what they already do (such as applications with DoH clients);
there is no need to force them to also have DNS tra
While there is definitely a lot of work needed, this seems to be getting
substantive interest in the draft, so I'd support the WG adopting this
draft.
___
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
On Aug 5, 2019, at 5:52 AM, Joe Abley wrote:
> I'm concerned about the cases where:
>
> (a) the data enclosed within a RESINFO response includes embedded IP
> addresses that may not match the addresses that correspond to the resolver
> service as viewed from another addressing domain, and
>
>
Thank you for your detailed list
On Aug 5, 2019, at 4:07 AM, tirumal reddy wrote:
>
> I did not receive response to the attacks discussed in
> https://mailarchive.ietf.org/arch/msg/dnsop/4ubj2D4bzxS1VTsZKzcNqBcWgtM.
> Listing the attacks and comments for further discussion:
To be clear, most
On 4 Aug 2019, at 21:00, Martin Thomson wrote:
> On Sun, Aug 4, 2019, at 00:37, Paul Hoffman wrote:
>>> I think that I might have said this before, but I don't think that asking
>>> an HTTP server about a DNS server is the right solution.
>>
>> It is not "the" right solution, but it is one of t
On Mon, 5 Aug 2019 at 16:20, Ralf Weber wrote:
> Moin!
>
> On 4 Aug 2019, at 4:15, Rob Sayre wrote:
>
> > On Fri, Aug 2, 2019 at 8:04 AM Tim Wicinski wrote:
> >
> >>
> >> The draft is available here:
> >> https://datatracker.ietf.org/doc/draft-sah-resolver-information/
> >>
> >> Please review th
I did not receive response to the attacks discussed in
https://mailarchive.ietf.org/arch/msg/dnsop/4ubj2D4bzxS1VTsZKzcNqBcWgtM.
Listing the attacks and comments for further discussion:
a) Attackers can also host DoH/DoT servers and claim they offer security
and privacy policies. How will the stub
Moin!
On 4 Aug 2019, at 4:15, Rob Sayre wrote:
> On Fri, Aug 2, 2019 at 8:04 AM Tim Wicinski wrote:
>
>>
>> The draft is available here:
>> https://datatracker.ietf.org/doc/draft-sah-resolver-information/
>>
>> Please review this draft to see if you think it is suitable for adoption
>> by DNSOP,
10 matches
Mail list logo