On 24 Sep 2018, at 7:08, Brian Haberman wrote: > All, > I would like the focus for this week (9/24-9/30) to be on > clarifying the requirements from the user's perspective. So far, I have > seen: > > * DNS transaction privacy, if possible > * User willingness to send PII if transaction is encrypted > > Do others have additional requirements?
Not a requirement, but a strong desire: ability for a resolver to efficiently discover whether an authoritative server has privacy enhancements turned on. With that ability, given a list of NS records, a resolver might choose the privacy-enhanced one first. > If you agree with the above, could you describe a scenario to highlight > the requirements? The requirement for "DNS transaction privacy, if possible" is simple: it is known that malicious third parties will snoop the network for DNS traffic, and some resolver operators want to thwart that for the benefit of their customers. --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy