Hello Christian,

great to see this – I remember when I mentioned QUIC as an option during the DNS-over-HTTP Bar BoF in Seoul I got quite a few weird looks :). I like this. It looks like a logical choice somewhere "between" TLS and DTLS.

I have some background on Section 6.5 (Padding) – back when we specified DNS over TLS, we had a similar discussion whether to pad on the DNS or the transport (TLS, in that case) layer. We decided in that case that padding on the DNS layer is preferred, since it allows for greater control by the application. This was actually the reason RFC 7830 was created in the first place. The situation might be different for QUIC as there's a tighter coupling between transport and application, though padding on the DNS layer would allow re-using the ongoing research and specification work in DPRIVE. (Disclaimer: I know little about the current state of such research for QUIC).

best,
Alex

From: dns-privacy [mailto:[email protected]] On Behalf Of Christian Huitema
Sent: Monday, 10 April 2017 19:23
To: [email protected]; [email protected]
Subject: [dns-privacy] Fwd: Fwd: New Version Notification for draft-huitema-quic-dnsoquic-00.txt [x_phishing]

FYI: Just published this draft describing transport of DNS over a dedicated QUIC connection.

-- Christian Huitema

-------- Forwarded Message --------
Subject: New Version Notification for draft-huitema-quic-dnsoquic-00.txt
Date: Mon, 10 Apr 2017 09:45:37 -0700
From: [email protected]
To: Melinda Shore <[email protected]>, Sara Dickinson <[email protected]>, Christian Huitema <[email protected]>, Allison Mankin <[email protected]>, Janardhan Iyengar <[email protected]>, Jana Iyengar <[email protected]>

A new version of I-D, draft-huitema-quic-dnsoquic-00.txt has been successfully submitted by Christian Huitema and posted to the IETF repository.

Name: draft-huitema-quic-dnsoquic
Revision: 00
Title: Specification of DNS over QUIC
Document date: 2017-04-10
Group: Individual Submission
Pages: 18
URL: https://www.ietf.org/internet-drafts/draft-huitema-quic-dnsoquic-00.txt
Status: https://datatracker.ietf.org/doc/draft-huitema-quic-dnsoquic/
Htmlized: https://tools.ietf.org/html/draft-huitema-quic-dnsoquic-00
Htmlized: https://datatracker.ietf.org/doc/html/draft-huitema-quic-dnsoquic-00

Abstract:
This document describes the use of QUIC to provide transport privacy for DNS. The encryption provided by QUIC has similar properties to that provided by TLS, while QUIC transport eliminates the head-of-line blocking issues inherent with TCP and provides more efficient error corrections than UDP. DNS over QUIC has privacy properties similar to DNS over TLS specified in RFC7858, and performance similar to classic DNS over UDP.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
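
The DNS-layer padding mentioned in the reply above (the EDNS(0) Padding option of RFC 7830), shown as an added example that is not part of the original messages or of the draft: the application itself rounds each query up to a block boundary, so queries for names of different lengths have the same size once encrypted, whatever the transport. The block size of 128, the function names and the sample query names are assumptions made for illustration.

```python
import struct

PADDING_OPTION_CODE = 12  # EDNS(0) Padding option code assigned by RFC 7830
BLOCK_SIZE = 128          # assumption: block length chosen for this example
OPT_FIXED = 11            # root name(1) + TYPE(2) + CLASS(2) + TTL(4) + RDLEN(2)

def encode_name(name):
    """Encode a domain name as DNS wire-format labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=1, msg_id=0):
    """Header plus one question: RD set, QDCOUNT=1, no other records."""
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def add_padded_opt(query, block=BLOCK_SIZE, udp_size=4096):
    """Append an OPT RR whose Padding option makes len(message) a multiple of block."""
    unpadded = len(query) + OPT_FIXED + 4          # 4 = option code + option length
    pad_len = (-unpadded) % block
    # RFC 7830: padding octets SHOULD be 0x00
    option = struct.pack("!HH", PADDING_OPTION_CODE, pad_len) + b"\x00" * pad_len
    opt_rr = b"\x00" + struct.pack("!HHIH", 41, udp_size, 0, len(option)) + option
    # ARCOUNT lives in header bytes 10-11; the OPT RR is the only additional record
    return query[:10] + struct.pack("!H", 1) + query[12:] + opt_rr

def padding_length(message):
    """Return the Padding option length of a message built above, or None."""
    pos = 12
    while message[pos]:                            # skip the QNAME labels
        pos += 1 + message[pos]
    pos += 1 + 4 + OPT_FIXED                       # root label, QTYPE/QCLASS, OPT fixed part
    while pos + 4 <= len(message):
        code, length = struct.unpack_from("!HH", message, pos)
        if code == PADDING_OPTION_CODE:
            return length
        pos += 4 + length
    return None

if __name__ == "__main__":
    for qname in ("example.com", "www.example.com"):   # constructed sample names
        raw = build_query(qname)
        padded = add_padded_opt(raw)
        print(qname, len(raw), "->", len(padded), "padding", padding_length(padded))
```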
