On Oct 6, 2014, at 8:44 AM, Stephane Bortzmeyer <[email protected]> wrote:
> [Keep [email protected] in the loop only if it is substantive comments on > the WG creation, please] > > On Fri, Oct 03, 2014 at 10:38:35AM -0700, > The IESG <[email protected]> wrote > a message of 68 lines which said: > >> The primary focus of this Working Group is to develop mechanisms >> that provide confidentiality between DNS Clients and Iterative >> Resolvers, > > I do not see why the group is limited to this point. 1) Some technques > (such as hop-to-hop encryption) work exactly the same for this case > and the case of resolvers<->authoritative. 2) The problem of data > gathering by authoritative name servers is as serious as the problem > of sniffing by third parties between a stub client and a resolver, and > should be addressed at the same level. > > Well different techniques might be “better” in the two cases, i.e. connection from client to Recursive resolver may only be kept open for a short time while the connection from Recursive Resolver to a BIG DNS data provider might be always-on. So I think the charter is right in saying “will focus on last mile” and check if that solution will scale to other cases. Olafur _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
