> -----Original Message-----
> From: dns-privacy [mailto:[email protected]] On Behalf Of
> Stephane Bortzmeyer
> Sent: Monday, July 25, 2016 12:34 AM
> To: Prashanth Patil (praspati) <[email protected]>
> Cc: [email protected]
> Subject: Re: [dns-privacy] I-D Action: draft-ietf-dprive-dnsodtls-07.txt
>
> On Wed, Jul 06, 2016 at 01:54:12PM +0000, Prashanth Patil (praspati)
> <[email protected]> wrote a message of 61 lines which said:
>
> > The new revision addresses comments received on the list and @IETF-95.
>
> My review of -07 : I see no reason not to move it to WG last call.
>
> Technical :
>
> > DNS client can use the authenication mechanisms discussed in
> > [I-D.ietf-dprive-dtls-and-tls-profiles]
>
> > DNSoD client and server can use DTLS heartbeat [RFC6520]
>
> In both cases, the language of RFC 2119 is not used. Is it on purpose?

No, will replace "can" with "MUST".

>
> Editorial:
>
> s/authenication/authentication/

Thanks, fixed in my local copy.

>
> Random thoughts:
>
> Now, a stub resolver may have to try four things (UDP/53, TCP/53,
> UDP+DTLS/853 and TCP+TLS/853, all on the Standards track) before
> communicating with a resolver. Should we write a meta-document, with
> operational guidance, on how this could be done?

Yes, it will be useful. This doc should discuss the precedence for UDP + DTLS versus TCP + TLS (it can consider using happy eyeballs technique).

Cheers,
-Tiru

>
> _______________________________________________
> dns-privacy mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dns-privacy
