On Thu, Oct 23, 2014 at 5:52 AM, Stephen Farrell <[email protected]> wrote:
> > > On 23/10/14 09:04, Jelte Jansen wrote: > > To name one: the bigger the shared resolver, the higher the chance the > > three letter agencies want and might have their taps there. So IMHO Joe > > is simply shifting trust here, not necessarily in- or decreasing it. > > Yes, that's possible and we should figure out what's likely > to be better in terms of deployment. But out first job is to > define an agreed interoperable way of getting confidentiality. > When we're done I'm sure people will figure out how best to > (ab)use that;-) > The objective here is to greatly reduce pervasive surveillance rather than eliminate all possibility of vulnerability. Forcing an adversary to perform an active, intrusive attack rather than a passive attack is a substantial increase in work factor and increases the risk of disclosure of the attack.
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
