On Sun, Dec 16, 2018 at 11:45 AM Paul Wouters wrote:
> On Fri, 14 Dec 2018, Eric Rescorla wrote:
>
> > However, in a large number of cases (e.g., an attacker on your local
> network,
> > there are non-DNSSEC ways of obtaining this property, such as using DoH.
>
> Data origin authenticity is not t
On Fri, 14 Dec 2018, Eric Rescorla wrote:
However, in a large number of cases (e.g., an attacker on your local network,
there are non-DNSSEC ways of obtaining this property, such as using DoH.
Data origin authenticity is not the same as transport security.
DoH offers no guarantee that the non