Joel Jaeggli has entered the following ballot position for draft-ietf-dprive-edns0-padding-02: Discuss
When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-dprive-edns0-padding/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- This is just something I want to discuss, it's not an objection... At this point we say: Implementations therefore SHOULD avoid using this option if the DNS transport is not encrypted. If you did allow this on unencrypted dns transport this seems like it serves as a utility function for DNS amplification. Wouldn't it be better to say MUST NOT? e.g. this is exclusively for use with TLS / DTLS supporting sessions? _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
