On Wed, Aug 20, 2014 at 03:00:05PM +0000, Hosnieh Rafiee wrote: > I provided several reason that the observer doesn't exist.
No, you provided several reasons why you think this decision is an unreasonable one. Prior to the evidence from a couple years ago that national governments were doing wide-spread vacuuming up of everything they could by perfoming passive attack through the means of tapping lines and so on, the position you are taking was entirely reasonable. But in the face of that evidence, some people have decided that, even if they can't protect themselves reliably all the time, they get enough marginal benefit from privacy to do it whenever they can, even if it's not perfect and not terribly hard to subvert. In other words, you are basically arguing that the benefit that will accrue from this technique is not enough given the costs. Others disagree with you. Your argument only works if we accept your premise that the benefit is not worth the cost; if we evaluate the benefit differently, then the cost might be acceptable. > What I tried to explain here is that an observer role doesn't make sense in > resolver scenario. Except that we have an existence proof that it does. > DNSSEC just came to this game when some folks say that DNSSEC can protect > this and they only need encryption. If you had strong authentication of the resolver, then this would be true. Since TSIG (which I expect you remember) or SIG(0) can solve the authentication part, then in fact the only thing you would need _is_ encryption, and then you could rely on the DNSSEC piece as well. Best regards, A -- Andrew Sullivan [email protected] _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
