On Dec 5, 2018, at 7:35 AM, Brian Haberman <[email protected]> wrote: > I think it would be quite useful if someone were to explore the use of > message layer security in the context of DNS.
That's my intention. > That could be one of the > ones you listed above or it could be the work in MLS. What does MLS bring to the table that is not in the already-standardized formats? > Or even Double > Ratchet. I thought that double ratchet was for online protocols, not message protocols. > If any of these helped reduce the potential state management problem for > DNS authoritative servers, that would be a major benefit IMO. It would be good to hear the needs of both sides first. HTTP over TLS has proven that it is quite possible to use an online security protocol even for lots of short messages. Amortizing the big CPU calculations may counterbalance the cost of the state management, or it might not. --Paul Hoffman
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
