> On Aug 20, 2019, at 9:15 AM, Ben Schwartz <[email protected]> wrote:
>
> A similar approach cannot be applied to ADoT. Instead, we must define a
> complete, secure, performant ADoT negotiation system inside the DNS. Until
> we have such a system defined, ADoT is not possible (except in limited
> experiments).
We have a working example of such a transition: using the alternate service indication in HTTP to transition to HTTP/2 or to QUIC. The key there is to consider the problem as a transition from old and insecure to new and secure, and to effect that transition over time. Perform a regular query over UDP or TLS, obtain additional information that DoT or DoH could have been used, and remember that for next time. Yes, that means that the first transaction is not protected. But then if we delay the transition, many more transactions are also unprotected. I like the idea of a progressive transition without disruption.

-- Christian Huitema

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
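The Alt-Svc-style upgrade path Christian sketches (first query in the clear, learn that an encrypted transport is offered, remember it, use it next time) can be modelled as a small resolver state machine. The following is an added illustration, not code from the dns-privacy thread or from any IETF draft: the "upgrade hint" carried in the plaintext answer, the `ToyServer`, the transport names and the TTL handling are all constructed for this example and do not correspond to a real DNS record or wire format. It shows the two properties the message calls out: the first transaction to a server is unprotected, and every later one is protected until the remembered hint expires or the encrypted transport stops answering, at which point the resolver falls back rather than failing.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Answer:
    name: str
    rdata: str
    transport: str                                   # transport the answer arrived over
    upgrade_hint: Optional[Tuple[str, int]] = None   # (secure transport, ttl seconds), constructed


class ToyServer:
    """Constructed model of a server reachable over plaintext UDP and, optionally,
    one encrypted transport ("dot" or "doh"). Plaintext answers carry a hint
    advertising the encrypted transport; the hint format is invented here."""

    def __init__(self, ident: str, zone: Dict[str, str],
                 secure: Optional[str] = None, hint_ttl: int = 3600):
        self.ident = ident
        self.zone = zone
        self.secure = secure
        self.hint_ttl = hint_ttl
        self.log: List[Tuple[str, str]] = []   # (name, transport) for each query served

    def query(self, name: str, transport: str) -> Answer:
        if transport != "udp" and transport != self.secure:
            raise ConnectionError(f"{self.ident}: {transport} not offered")
        self.log.append((name, transport))
        hint = (self.secure, self.hint_ttl) if transport == "udp" and self.secure else None
        return Answer(name, self.zone[name], transport, hint)


class UpgradingResolver:
    """Resolver that starts on UDP, remembers an upgrade hint per server, and uses
    the encrypted transport for later queries until the hint expires or fails."""

    def __init__(self, clock):
        self.clock = clock   # callable returning the current time in seconds
        self.upgrades: Dict[str, Tuple[str, float]] = {}   # server ident -> (transport, expiry)

    def resolve(self, server: ToyServer, name: str) -> Answer:
        now = self.clock()
        remembered = self.upgrades.get(server.ident)
        if remembered and remembered[1] > now:
            try:
                return server.query(name, remembered[0])
            except ConnectionError:
                # Encrypted transport stopped working: forget it and fall back to UDP
                # instead of failing the lookup ("transition without disruption").
                del self.upgrades[server.ident]
        answer = server.query(name, "udp")   # this transaction is the unprotected one
        if answer.upgrade_hint:
            transport, ttl = answer.upgrade_hint
            self.upgrades[server.ident] = (transport, now + ttl)
        return answer


def run_scenario() -> List[str]:
    """Drive one resolver through first contact, upgraded queries, hint expiry and a
    server that later drops its encrypted transport; returns the transports used."""
    t = [0.0]   # constructed clock, advanced by hand
    server = ToyServer("ns.example",
                       {"a.example": "192.0.2.1", "b.example": "192.0.2.2"},
                       secure="dot", hint_ttl=600)
    resolver = UpgradingResolver(lambda: t[0])
    used = []
    used.append(resolver.resolve(server, "a.example").transport)   # udp, hint learned
    used.append(resolver.resolve(server, "b.example").transport)   # dot
    t[0] = 700.0                                                    # hint has expired
    used.append(resolver.resolve(server, "a.example").transport)   # udp, hint re-learned
    used.append(resolver.resolve(server, "a.example").transport)   # dot
    server.secure = None                                            # server drops DoT
    used.append(resolver.resolve(server, "b.example").transport)   # falls back to udp
    return used


if __name__ == "__main__":
    print(run_scenario())   # ['udp', 'dot', 'udp', 'dot', 'udp']
```

The TTL on the remembered hint is the knob that trades freshness against exposure: a long TTL means fewer cleartext re-discoveries but slower reaction if the encrypted endpoint goes away, which the fallback branch above covers only after one failed connection attempt.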
