On Thursday, December 8, 2016 1:52 AM, Sara Dickinson wrote: > > Just to follow up on Tim’s mail. Any reviews of > https://datatracker.ietf.org/doc/draft-ietf-dprive-dtls-and-tls-profiles/ > would be much appreciated to try to wind up the WGLC asap.
I just reviewed this draft. I think it is ready, and I would be happy if it was published as is. My only wish is for a bit more description of the interaction between policy and configuration. The selection of the strict or opportunistic profile is only one element in the configuration of the DNS client for privacy, the other element being obviously the choice of the DNS server. The strict mode, in particular, ought to depend on configuring a set of servers that the client will accept to trust -- but even the opportunistic mode depends on that to a degree. This is quite different from the current practice, in which DNS servers are configured by untrusted processes. It would be nice if we had a blow-by-blow example of how that's supposed to work. -- Christian Huitema _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
