On 30 Sep 2015, at 11:53, Ted Hardie wrote:

> Howdy,
>
> A quick question about draft-ietf-dprive-dns-over-tls-0:
>
> Some previous drafts used ALPN (RFC 7301) tokens to negotiate the use of
> DNS as an application layer protocol user of TLS. This draft seems to
> assume that because it is using a well-known port, it does not need to
> specify an ALPN token to indicate that the protocol being negotiated is
> DNS.
>
> It strikes me as utterly harmless to include such a token and possibly
> beneficial (since you might eventually use different tokens for EDNS level, for example). Is there a strong objection to using both that I'm missing?

Your proposal would restrict initial deployment to clients and servers whose TLS stack has ALPN. Instead of doing this, we could gate the next version on ALPN instead, causing more early deployment.

--Paul Hoffman

_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
