Hi dkg, On 12/10/18 9:55 AM, Daniel Kahn Gillmor wrote: > On Wed 2018-12-05 10:35:20 -0500, Brian Haberman wrote: >> I think it would be quite useful if someone were to explore the use of >> message layer security in the context of DNS. That could be one of the >> ones you listed above or it could be the work in MLS. Or even Double >> Ratchet. >> >> If any of these helped reduce the potential state management problem for >> DNS authoritative servers, that would be a major benefit IMO. > > It's not clear to me that MLS has significantly less state to manage > than TLS 1.3. Indeed, it might require *more* state management. Can > you point to information that suggests there is less of a burden of > state for MLS implementations? Is statefulness the main concern you're > trying to address?
State management has been a common theme for some people's concerns. At this time, I don't think we have a solid view on whether state is the highest priority, but it certainly gets a lot of attention. As for MLS, I think the quick exchange with Paul W. has led to MLS not looking like a good fit. I mentioned it for completeness when message layer security was raised. Regards, Brian
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy