On Nov 26, 2018, at 6:31 AM, Ray Bellis <[email protected]> wrote:
>
> On 23/11/2018 16:45, Paul Hoffman wrote:
>
>> The current round of pushback, all of which appeared after the standard was
>> finished, seems to mostly be coming from DNS vendors, not ISPs or DNS
>> operators.
>
> There was _plenty_ of pushback when this got presented at UKNOT,
> especially among those ISPs that are currently using government-mandated
> DNS-based blocking of CAI sites.

Ah! That is interesting to hear. Any links that you have to that would be greatly appreciated.

>
>> During the development of the DoH standard, people from many DNS vendors
>> (including the one you work for) contributed to the spec without objection
>> in the WG.
>
> I wouldn't say it was "without objection", because there were clearly some
> significant impedance mismatches to resolve, both between the HTTP and DNS
> people, and between the HTTP and DNS protocols.

You may feel differently, but I saw no comments during WG or IETF Last Call that indicated that any mismatches still existed. If you feel that they do, the DOH WG is still open, and a draft describing the problems could garner interest.

> Personally, I thought we were working on a means to provide an *ad-hoc*
> DNS resolution and validation method in certain environments, and along
> the way allow JS web-apps to perform proper DNS lookups.

Fully agree. That is indeed what the RFC says.

> The objections started when we heard that a particular browser vendor
> wanted to make this ubiquitous for *all* DNS lookups.

Then why aren't the objections aimed at that implementer instead of the spec? Any implementer can misuse any spec badly: that doesn't make the spec itself bad. The operational documents that come to the DNSOP WG are often about those situations.

--Paul Hoffman
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
