On 25 Jul 2018, at 18:07, Paul Wouters wrote:
On Jul 25, 2018, at 12:37, Paul Hoffman <[email protected]>
wrote:
Some resolver operators have recently spoken of a new use case:
giving assurance of results in unsigned zones, and assurance of child
NS and glue records in signed zones. This use case is not about
privacy.
That should not be considered a valid use case for privacy or
otherwise.
No one should trust data delivered over the internet without origin
security, regardless of which protocol we are talking about.
This use case has origin security. That is, the authoritative server
must be fully authenticated. It is similar to web content over TLS.
--Paul
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
