On Wed, 20 Aug 2014, Jacob Appelbaum wrote:
Paul - perhaps this suggests that all stub and recursive resolvers should log keying information, even if it isn't used for validation/authentication/etc?
That is one "out of band" authentication mechanism called TOFU (trust on first use) or LOF (Leap of Faith) While possible, it will see a lot of false positives, like when going to a different starbucks using the same wifi ESSID. It could be done if one also logs mac address and/or lat/long info. But these are all local policy and local implementations issues. Paul _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
