>
> Alexander Mayrhofer wrote:
>
> I do agree that DNS is probably not a special protocol, and hence padding
> strategies from other protocols would work equally well for DNS.
>
I like the overview of padding considerations for HTTPS in Mat Ford's TRON
Workshop talk:
https://www.internetsociety.org/sites/default/files/T9-ford-metadata.pdf
>From another part of DNS land, a recent dnscrypt spec specifies padding for
DNS over UDP/DNS over TCP (no information about how this matches to
deployed dnscrypt proxies and servers):
https://github.com/jedisct1/dnscrypt-proxy/blob/master/DNSCRYPT-V2-PROTOCOL.txt
I like the idea of a separate draft to make recommendations for padding in
encrypted DNS. I also really hope that we can see some implementation
experiments in parallel with the draft.
On 27 July 2016 at 02:46, Alexander Mayrhofer <[email protected]>
wrote:
> Shane Kerr wrote:
> > Does anybody know what the best practice is in the rest of the crypto
> > world? (I know that DNS is a special snowflake, but we could surely use
> > input from people who care about such things more deeply than I ever
> > will...)
>
> I'm highly curious to know about that as well. I do agree that DNS is
> probably not a special protocol, and hence padding strategies from other
> protocols would work equally well for DNS.
>
> Alex
>
> _______________________________________________
> dns-privacy mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dns-privacy
>
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
