On Tue, Dec 13, 2016 at 03:22:50PM +0000, Sara Dickinson <[email protected]> wrote a message of 51 lines which said:
> > I'm still a bit concerned about the issue of detection (that there
> > is an attack). Detection for passive attacks is only possible if
> > there is a prior history, unlike the detection for active attacks, ...

> I was trying to indicate that simply using clear text is essentially
> the same as an attack because the traffic _can_ be subject to
> passive eavesdropping.

OK (a bit far-fetched but OK).

> Would it help to replace the “N, D” labels in the table with just
> “N” and update the text to say “N == no protection, may be subject
> to attack”

IMHO, no, since, in some cases, there is really the possibility of a
detection, for instance if a server was doing encryption before and
now refuses, you may suspect an attack (or a downgrade of the
server...)

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
