On Fri, May 09, 2014 at 05:38:46PM -0400, Phillip Hallam-Baker <[email protected]> wrote a message of 120 lines which said:
> * A General requirements draft for DNS privacy and related security > * concerns In this message, I'll talk only about this one, draft-hallambaker-dnse-01. Good idea to try to have a "requirments" document between the "privacy considerations" document and the various "solution" documents. However, I find that the requirments expressed in draft-hallambaker-dnse are too general: for instance, "[R-C-ACTIVE] Prevent or mitigate disclosure of request and response data against an active attacker on every contact" is nice but seems very difficult to achieve, and the draft does not mention the costs or the tradoffs (except the last sentence of "security considerations"). Also, I find that a requirment is missing: "limiting, to the maximum extent possible, the amount of data sent to forwarders or authoritative name servers". The draft only mentions the risk of profiling (so I assume a solution allowing anonymous clients would address it). But the qnames themselves are information and sometimes personal information and we want to limit every leak. _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
