> -----Original Message----- > From: dns-privacy [mailto:[email protected]] On Behalf Of sara > Sent: Tuesday, October 27, 2015 3:22 PM > To: 神明達哉 > Cc: Simon Josefsson; Paul Hoffman; [email protected] > Subject: Re: [dns-privacy] Start of WGLC for draft-ietf-dprive-dns-over-tls-01 > > > > On 26 Oct 2015, at 17:26, 神明達哉 <[email protected]> wrote: > > > > IIRC when we > > adopted DNS/TLS from several candidates the decision was to focus on > > this particular solution while allowing flexibility of discussions > > other ideas at a lower priority, so we can at least publish one > > concrete solution document as soon as possible. I have no problem of > > discussing DNS/DTLS itself, but if my understanding about the wg focus > > is correct, I don't think it a good idea to delay publishing DNS/TLS > > because of it implication with DNS/DTLS. In that sense merging these > > two drafts doesn't seem to be a good idea to me. Extracting and > > deferring some parts of DNS/TLS may be acceptable if the resulting > > DNS/TLS draft is still a self-contained document to be published. > > I strongly agree with this position. I believe the working group should > produce 3 documents here: > > 1) This draft - the technical discussion of DNS-over-TLS: I believe this > document is mature enough to move forward as a standalone document > (possibly with some minor re-working of section 5, to further clarify the > scope with respect to authentication and add other references?). As detailed > in the implementation section it also has several implementations. > > 2) The technical discussion of DNS-over-DTLS: I believe that document is still > under active review and development. > > 3) I agree there should be a separate document to describe further details of > 'Authentication of DNS-over-(D)TLS connections’, and I am willing to work on > that.
Authenticating the DNS privacy server is discussed in https://tools.ietf.org/html/draft-ietf-dprive-dnsodtls-02#section-3.2 and is applicable for both TLS and DTLS. -Tiru > > I think this separation is the most pragmatic and flexible way to allowing the > working group to deliver DNS Privacy in a timely fashion, without introducing > unnecessary dependancies between the solutions. > > Sara. > _______________________________________________ > dns-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dns-privacy _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
