All, An updated version of draft-hzpa-dprive-xfr-over-tls has been submitted which contains much more detail on data flows, authentication mechanisms and other issues than the previous version.
Feedback and review welcomed. Best regards Sara. > Begin forwarded message: > > From: [email protected] > Subject: New Version Notification for draft-hzpa-dprive-xfr-over-tls-02.txt > Date: 8 July 2019 at 18:27:36 BST > To: "Sara Dickinson" <[email protected]>, "Han Zhang" <[email protected]>, > "Willem Toorop" <[email protected]>, "Allison Mankin" > <[email protected]>, "Pallavi Aras" <[email protected]> > > > A new version of I-D, draft-hzpa-dprive-xfr-over-tls-02.txt > has been successfully submitted by Sara Dickinson and posted to the > IETF repository. > > Name: draft-hzpa-dprive-xfr-over-tls > Revision: 02 > Title: DNS Zone Transfer-over-TLS > Document date: 2019-07-08 > Group: Individual Submission > Pages: 18 > URL: > https://www.ietf.org/internet-drafts/draft-hzpa-dprive-xfr-over-tls-02.txt > Status: > https://datatracker.ietf.org/doc/draft-hzpa-dprive-xfr-over-tls/ > Htmlized: https://tools.ietf.org/html/draft-hzpa-dprive-xfr-over-tls-02 > Htmlized: > https://datatracker.ietf.org/doc/html/draft-hzpa-dprive-xfr-over-tls > Diff: > https://www.ietf.org/rfcdiff?url2=draft-hzpa-dprive-xfr-over-tls-02 > > Abstract: > DNS zone transfers are transmitted in clear text, which gives > attackers the opportunity to collect the content of a zone by > eavesdropping on network connections. The DNS Transaction Signature > (TSIG) mechanism is specified to restrict direct zone transfer to > authorized clients only, but it does not add confidentiality. This > document specifies use of DNS-over-TLS to prevent zone contents > collection via passive monitoring of zone transfers. > > > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat >
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
