On Mon, Jul 18, 2016 at 4:25 PM, Stephane Bortzmeyer <bortzme...@nic.fr> wrote:
> Isn't it time we start working on the resolver-to-auth link? > > I know that DPRIVE does not meet in Berlin but, if people who are > there (I'm not) want to discuss it, I'll be interested in feedbacks, > flames and pull requests. > > > > ---------- Forwarded message ---------- > From: internet-dra...@ietf.org > To: <i-d-annou...@ietf.org> > Cc: > Date: Mon, 18 Jul 2016 13:15:33 -0700 > Subject: I-D Action: draft-bortzmeyer-dprive-step-2-00.txt > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > > > Title : Next step for DPRIVE: resolver-to-auth link > Author : Stephane Bortzmeyer > Filename : draft-bortzmeyer-dprive-step-2-00.txt > Pages : 6 > Date : 2016-07-18 > > Abstract: > This document examines the possible future work for the DPRIVE (DNS > privacy) working group, specially in securing the resolver-to- > authoritative name server link with TLS under DNS. > > It is not intended to be published as a RFC. > > REMOVE BEFORE PUBLICATION: this document should be discussed in the > IETF DPRIVE group, through its mailing list. The source of the > document, as well as a list of open issues, is currently kept at > Github [1]. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-bortzmeyer-dprive-step-2/ > > There's also a htmlized version available at: > https://tools.ietf.org/html/draft-bortzmeyer-dprive-step-2-00 > > > I would think that "Key in DNS, authenticated by DNSSEC" would be the obvious choice. That might even push DNSSEC adoption. (Similar to DANE ? But I don't know much about DANE.) -- Bob Harold
_______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy