On 11/1/19 1:37 AM, Eric Rescorla wrote:
> Hmm..... I think that's only true if you are assuming that the NS
> record for the leaf is DNSSEC secured, but that doesn't seem like a
> safe assumption.
Generally speaking, I believe it's fine to add assumptions about DNSSEC validation, if that makes the ADoT protocol "better" in some way (and I expect it will). It seems that DNSSEC will be much easier than this new stuff.

By the way, I'm personally not yet 100% convinced by TLS and might, e.g., add QUIC into consideration. At least from a protocol perspective, as I'm not looking forward to adding yet another protocol to resolver implementations. Still, towards resolvers you almost always have very few connections, so handshakes amortize easily; towards authoritatives the situation is quite different, assuming we don't gravitate towards a small number of huge CDNs (for DNS)... which would bring back arguments from discussions around the privacy of securely tunneling all your queries to one CDN.

Note that in any case, connection-based protocols (and adding complexity) will increase the relative advantages of larger providers, but I'd personally prefer to minimize this effect. (Though perhaps that's mainly due to not being affiliated with a large one.)

--Vladimir

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
