On Wed, 20 Aug 2014, Hosnieh Rafiee wrote:

The important thing is that a stub resolver is not a recursive resolver, and the 
expectation of querying different authoritative DNSSEC servers for this 
verification seems to be impractical.

So you have two choices in that case:
1. Become a DNSSEC validating resolver
2. Set up a VPN to a validating resolver you trust

Both are out of scope for this draft.


[Paul Wouters already explained that it makes no sense to authenticate a
DHCP-obtained resolver - since DHCP itself is not secure. You
authenticate hard-wired resolvers only.]

:-) and my answer was that in this case, it does not make sense to do any 
encryption because we are boiling the ocean water, as the observer already can 
play the role of a resolver and access the data that we try to hide from him.

No, an OBSERVER cannot. Only an active attacker can. In the absence of
2) that is the best you can do, and this draft says it is the best you
SHOULD do.

Encryption without authentication is like someone hiding his head in the sand and 
assuming that he has privacy while others can see his body clearly.

With nation state monitoring out of control, this is not true.
Especially when using non-local resolvers like 8.8.8.8.

Paul

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
