On Wed, Aug 20, 2014 at 12:06:29AM +0200, Hosnieh Rafiee wrote: > 1- Opportunistic encryption is not appropriate for the privacy of stub > resolver to recursive resolver scenario unless the node has a possibility to > authenticate this resolver.
I don't think this is true. The point of the encryption independent of authentication is for the case where you've decided to accept the risk that your upstream resolver isn't actually trustworthy, and have decided to trust it anyway. You're welcome to say, "That's a bad decision," but I don't think you've provided a reason that others can't make that trade-off reasonably. > If you think when your domain is signed by DNSSEC, a fake resolver cannot > cause any problem for you This has nothing at all to do with DNSSEC. I think you're just muddying the waters by bringing DNSSEC into it. It is _certainly_ true that you can't trust DNSSEC validation without knowing exactly who did the validation and having an authenticated channel to that. That's completely unrelated to the privacy argument for stub-to-resolver encryption. Best regards, A -- Andrew Sullivan [email protected] _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
