On Thu, Apr 27, 2017 at 2:51 PM, Christian Huitema <[email protected]> wrote:
>
> [...]
>
> Of course, one only gets the privacy benefits if the TLS demuxing is not
> based on clear text fields like the SNI or the ALPN. DKG proposes a
> heuristic, based on the observation that the first bytes of application
> data are enough to differentiate HTTP and DNS. Heuristics like these
> have the advantage of being easily deployed. They do have the
> inconvenience of affecting the long term evolution of the application
> protocols. We may want to look at a robust long term alternative.
>

Perhaps we should revisit the decision not to encrypt the ALPN extension (NPN redux?). It seems that might have helped use cases like these in a more robust manner.

--
Shumon Huque
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
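A sketch of the kind of first-bytes demultiplexing discussed in this thread, added here as an illustration; it is not code from either poster or from DKG's proposal. The function names, the method list and the exact DNS header checks are assumptions chosen for the example, and the DNS branch assumes the 2-byte length framing used for DNS over TLS.

```python
import struct

# ASCII tokens that open an HTTP/1.x request line or the HTTP/2 preface ("PRI * HTTP/2.0").
HTTP_TOKENS = (b"GET ", b"HEAD ", b"POST ", b"PUT ", b"DELETE ",
               b"OPTIONS ", b"CONNECT ", b"TRACE ", b"PATCH ", b"PRI ")

def classify_first_bytes(data: bytes) -> str:
    """Classify the first decrypted application bytes on a shared TLS port.

    Returns 'http', 'dns', 'need-more' (keep buffering) or 'unknown'.
    """
    for token in HTTP_TOKENS:
        if data.startswith(token):
            return "http"
        if token.startswith(data):        # partial token so far, e.g. b"GE"
            return "need-more"
    # DNS over TLS: 2-byte length prefix, then the 12-byte DNS header.
    if len(data) < 14:
        return "need-more"
    length, _msg_id, flags, qdcount, ancount, nscount = struct.unpack(
        "!HHHHHH", data[:12])
    is_standard_query = (
        length >= 12                      # frame holds at least a full header
        and flags & 0xF840 == 0           # QR=0, opcode=0 (QUERY), Z bit clear
        and qdcount == 1
        and ancount == 0
        and nscount == 0
    )
    # Anything else is rejected. A future HTTP method or DNS opcode lands
    # here too, which is the protocol-evolution cost raised in the thread.
    return "dns" if is_standard_query else "unknown"

def sample_dns_query() -> bytes:
    """Constructed sample: length-prefixed A query for example.com."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)  # RD set
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    message = header + question
    return struct.pack("!H", len(message)) + message

if __name__ == "__main__":
    for sample in (b"GET / HTTP/1.1\r\n", sample_dns_query(), b"GE", b"\xff" * 14):
        print(sample[:16], "->", classify_first_bytes(sample))
```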
