Jay, I guess I model that there is an opportunity if desired to collect the DNS data for monitoring or security controls or whatever when it emerges from the encrypted channel at or near the server. I can’t say that this is possible in all configurations that people might operate, of course.
Allison On Oct 22, 2014, at 10:09 PM, Jay Daley <[email protected]> wrote: > > On 23/10/2014, at 2:44 pm, Mankin, Allison <[email protected]> wrote: > >> Encryption between the recursive and the authoritative would not prevent >> collection of passive DNS data at those points either. > > Why's that? > > Jay > > -- > Jay Daley > Chief Executive > .nz Registry Services (New Zealand Domain Name Registry Limited) > desk: +64 4 931 6977 > mobile: +64 21 678840 > linkedin: www.linkedin.com/in/jaydaley > _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
