Hi all,

Based on the feedback received at IETF-104, we have updated the draft 
https://tools.ietf.org/html/draft-reddy-dprive-bootstrap-dns-server-03.  
Comments, suggestions, and questions are more than welcome.

As a reminder, the draft discusses procedure to automatically bootstrap 
endpoints to discover and authenticate DNS-over-(D)TLS and DNS-over-HTTPS 
servers provided by a local network.

Major updates are:

1. Removed the use of Explicit Trust Anchor.
2. Updated the PAKE scheme.
3. Added EST server discovery procedure
4. A new privacy certificate extension is defined that identifies the privacy 
preserving data policy of the DNS server.
5. Configuring authentication domain name (ADN) and associating the DNS server 
certificate (similar to PKIX-EE(1) defined in DANE).

Cheers,
-Tiru


From: <[email protected]<mailto:[email protected]>>
Date: Tue, 7 May 2019 at 20:27
Subject: New Version Notification for 
draft-reddy-dprive-bootstrap-dns-server-03.txt
To: Mohamed Boucadair 
<[email protected]<mailto:[email protected]>>, 
Tirumaleswar Reddy <[email protected]<mailto:[email protected]>>, Dan Wing 
<[email protected]<mailto:[email protected]>>, Michael C. Richardson 
<[email protected]<mailto:mcr%[email protected]>>



A new version of I-D, draft-reddy-dprive-bootstrap-dns-server-03.txt
has been successfully submitted by Tirumaleswar Reddy and posted to the
IETF repository.

Name:           draft-reddy-dprive-bootstrap-dns-server
Revision:       03
Title:          A Bootstrapping Procedure to Discover and Authenticate 
DNS-over-(D)TLS and DNS-over-HTTPS Servers
Document date:  2019-05-07
Group:          Individual Submission
Pages:          21
URL:            
https://www.ietf.org/internet-drafts/draft-reddy-dprive-bootstrap-dns-server-03.txt
Status:         
https://datatracker.ietf.org/doc/draft-reddy-dprive-bootstrap-dns-server/
Htmlized:       
https://tools.ietf.org/html/draft-reddy-dprive-bootstrap-dns-server-03
Htmlized:       
https://datatracker.ietf.org/doc/html/draft-reddy-dprive-bootstrap-dns-server
Diff:           
https://www.ietf.org/rfcdiff?url2=draft-reddy-dprive-bootstrap-dns-server-03

Abstract:
   This document specifies mechanisms to automatically bootstrap
   endpoints (e.g., hosts, Customer Equipment) to discover and
   authenticate DNS-over-(D)TLS and DNS-over-HTTPS servers provided by a
   local network.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at 
tools.ietf.org<http://tools.ietf.org>.

The IETF Secretariat
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy

Reply via email to