Can you be more specific on your bullet list? What I mean is that this list seems covered in "Threat Model and Problem Statement" so I am wondering what gaps there may be there, if any. Perhaps just ensuring you are talking to the correct/intended server (the cert issue you note)?
Jason On 10/29/19, 3:08 PM, "dns-privacy on behalf of John Levine" <[email protected] on behalf of [email protected]> wrote: In article <CAOdDvNoUhskQ_x5LWLpuVBy6JoZK03SLfR=njct0bnkgxip...@mail.gmail.com> you write: > >I appreciate the authors kicking off the effort with this draft that >proposes phase 2 requirements. As do I, but it still needs a lot of work. One thing that would help me a lot is matching up the features with what problem they're supposed to solve. * Keeping specific people from seeing your query stream (e.g., your ISP) * Keeping random snoopers from seeing your query stream * The above for particular parts of your query stream, e.g. 2LDs * Being sure you're talking to the right server (the certificate issue) * Other stuff? Depending on what your goal is, you might mix and match other techniques like local mirroring of zones, at least ones that aren't too huge. _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
