From: dns-privacy [mailto:[email protected]] On Behalf Of Guangqing Deng
Sent: Tuesday, May 26, 2015 7:24 AM
To: dns-privacy
Cc: Tim Wicinski; Dan Wing (dwing)
Subject: Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

Resolution latency is very crucial for the DNS system and the latency of DNS-over-DTLS is relatively low compared with DNS-over-TLS. I support adoption, and BTW is there any public software library of DTLS for doing DNS-over-DTLS evaluation?

You can use OpenSSL.

-Tiru

________________________________
Guangqing Deng
CNNIC

From: Dan Wing<mailto:[email protected]>
Date: 2015-05-23 00:13
To: Bob Harold<mailto:[email protected]>
CC: Tim Wicinski<mailto:[email protected]>; [email protected]<mailto:[email protected]>
Subject: Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

On 20-May-2015 07:40 am, Bob Harold <[email protected]<mailto:[email protected]>> wrote:

On Wed, May 20, 2015 at 10:03 AM, Tim Wicinski <[email protected]<mailto:[email protected]>> wrote:

During the previous Call for Adoption a number of participants expressed interest in adopting this work. WG members felt it needed some improvements, but thought it had potential. The authors addressed the issues and feel it meets what the working group was seeking, and have requested that we initiate a call for adoption.

If the working group adopts this document, it only means it wishes to study this solution more carefully. The working group may still determine to not move forward with it.

The draft is available here:
https://datatracker.ietf.org/doc/draft-wing-dprive-dnsodtls/

Please review this draft to see if you think it is suitable for adoption by , and comments to the list, clearly stating your view.

Please also indicate if you are willing to contribute text, review, etc.

I support adoption, and I will review.

I am unclear on Page 5
6. Demultiplexing, Polling, Port Usage, and Discovery
"After performing the above steps, the host should determine if the DNS server supports DNSoD by sending a DTLS ClientHello message."

It is unclear to me what the "above steps" actually refers to. Can you clarify?

Section 6 suggests how a DNSoDTLS client can determine that its connected network will work with DNSoDTLS. The exact method and algorithm will require more discussion in the WG, especially to balance the needs for security and interoperability against implementation flexibility.

-d

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
