Dear all,
We have uploaded a draft (below) about encryption of messages through a PKI
mechanism over UDP.
Any comments are welcome.
From: internet-drafts
Date: 2015-07-02 17:30
A new version of I-D, draft-zuo-dprive-encryption-over-udp-00.txt
has been successfully submitted by Jiankang Yao and posted to the
IETF repository.
Name: draft-zuo-dprive-encryption-over-udp
Revision: 00
Title: Approach on encrypting DNS message over UDP
Document date: 2015-07-02
Group: Individual Submission
Pages: 10
URL: https://www.ietf.org/internet-drafts/draft-zuo-dprive-encryption-over-udp-00.txt
Status: https://datatracker.ietf.org/doc/draft-zuo-dprive-encryption-over-udp/
Htmlized: https://tools.ietf.org/html/draft-zuo-dprive-encryption-over-udp-00
Abstract:
This document offers an approach to encrypt DNS queries and responses
between the stub resolver and the recursive server over UDP to
protect user privacy. The public key of the recursive server is
distributed to the stub resolver through the Certificate Authority
infrastructure, and the public key of the stub resolver is sent to
the recursive server together with the DNS query where the public key
is inserted to the additional section of the DNS query. Then the
recursive server encrypts the DNS responses sent to the stub resolver
with the public key of that stub resolver, and similarly the DNS
query sent to the recursive server is encrypted by the stub resolver
with the public key of that recursive server and thus the user
privacy is protected.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat