Hi all, We have published https://tools.ietf.org/html/draft-reddy-dprive-dprive-privacy-policy-00 that discusses a mechanism for the DNS server to communicate its cryptographically signed privacy policy information to a DNS client. By evaluating the DNS privacy policy and the signatory, the DNS client can choose to select or avoid a DoT/DoH server if it doesn't comply with the client's privacy expectations.
Comments, suggestions and questions are more than welcome. Cheers, -Tiru ---------- Forwarded message --------- From: <[email protected]<mailto:[email protected]>> Date: Thu, 3 Oct 2019 at 15:59 Subject: New Version Notification for draft-reddy-dprive-dprive-privacy-policy-00.txt To: Tirumaleswar Reddy <[email protected]<mailto:[email protected]>>, Dan Wing <[email protected]<mailto:[email protected]>>, Michael C. Richardson <[email protected]<mailto:mcr%[email protected]>> A new version of I-D, draft-reddy-dprive-dprive-privacy-policy-00.txt has been successfully submitted by Tirumaleswar Reddy and posted to the IETF repository. Name: draft-reddy-dprive-dprive-privacy-policy Revision: 00 Title: DNS server privacy policy with assertion token Document date: 2019-10-03 Group: Individual Submission Pages: 24 URL: https://www.ietf.org/internet-drafts/draft-reddy-dprive-dprive-privacy-policy-00.txt Status: https://datatracker.ietf.org/doc/draft-reddy-dprive-dprive-privacy-policy/ Htmlized: https://tools.ietf.org/html/draft-reddy-dprive-dprive-privacy-policy-00 Htmlized: https://datatracker.ietf.org/doc/html/draft-reddy-dprive-dprive-privacy-policy Abstract: Users want to control how their DNS queries are handled by DNS servers so they can configure their system to use DNS servers that comply with their privacy expectations. This document defines a mechanism for a DNS server to communicate its privacy policy to a DNS client. This communication is cryptographically signed to attest to its authenticity. By evaluating the DNS privacy policy and the signatory, the DNS client can choose a DNS server that best supports its desired privacy policies. The privacy assertion token is particularly useful for DNS-over-TLS and DNS-over-HTTPS servers, both public resolvers and those discovered on the local network. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>. The IETF Secretariat
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
