On 11/20/2018 11:38 AM, Jacques Latour wrote: > +1 & I don't like the path is going as well, and specifically from an > enterprise security point of view. Having DNS resolution that can bypass > traditional enterprise security mechanisms is adding another layer of > complexity to manage, you can't have a free for all in domain name resolution > in enterprise networks. I could go on, but I just want to say " I don't like > the path is going".
Maybe. Over time various entities have developed control techniques that work by limiting which domains are resolved in a particular context, and how they are resolved. But at the same time, the DNS is a widely distributed database accessible through thousands of servers. Given this wide availability, do you really believe that these control techniques are stable in the long run? -- Christian Huitema _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
