On Fri, Sep 18, 2015 at 4:34 PM, Wessels, Duane <[email protected]> wrote: > This is an update to the draft formerly named > draft-ietf-dprive-start-tls-for-dns-01. If searching mail archives for > previous discussion of this draft you may need to use the former name. >
Thank you authors. We would appreciate it if the WG could do a careful review of this document and point out the issues, inconsistencies, errors and omissions. We'd like to get things rolling along somewhat faster than we have been... W > The former draft described two approaches to establishing a DNS-over-TLS > session: upgrade-based (aka STARTTLS for DNS) and port-based. In this new > version we have removed the upgrade-based approach and describe only the use > of a well-known port. > > The URL below will show the differences between this and the previous > document. > > http://tools.ietf.org//rfcdiff?url1=https://tools.ietf.org/id/draft-ietf-dprive-start-tls-for-dns-01.txt&url2=https://tools.ietf.org/id/draft-ietf-dprive-dns-over-tls-00.txt > > DW > > > > >> On Sep 18, 2015, at 1:21 PM, [email protected] wrote: >> >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the DNS PRIVate Exchange Working Group of the >> IETF. >> >> Title : DNS over TLS: Initiation and Performance >> Considerations >> Authors : Zi Hu >> Liang Zhu >> John Heidemann >> Allison Mankin >> Duane Wessels >> Paul Hoffman >> Filename : draft-ietf-dprive-dns-over-tls-00.txt >> Pages : 17 >> Date : 2015-09-18 >> >> Abstract: >> This document describes the use of TLS to provide privacy for DNS. >> Encryption provided by TLS eliminates opportunities for eavesdropping >> on DNS queries in the network, such as discussed in RFC 7258. In >> addition, this document specifies two usage profiles for DNS-over-TLS >> and provides advice on performance considerations to minimize >> overhead from using TCP and TLS with DNS. >> >> Note: this document was formerly named >> draft-ietf-dprive-start-tls-for-dns. Its name has been changed to >> better describe the mechanism now used. Please refer to working >> group archives under the former name for history and previous >> discussion. [RFC Editor: please remove this paragraph prior to >> publication] >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-ietf-dprive-dns-over-tls/ >> >> There's also a htmlized version available at: >> https://tools.ietf.org/html/draft-ietf-dprive-dns-over-tls-00 >> >> >> Please note that it may take a couple of minutes from the time of submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> dns-privacy mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/dns-privacy > > > _______________________________________________ > dns-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dns-privacy > -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
