On Mon, Nov 4, 2019 at 7:32 AM Stephane Bortzmeyer <bortzme...@nic.fr> wrote:
> On Mon, Nov 04, 2019 at 07:12:46AM -0800,
> Eric Rescorla <e...@rtfm.com> wrote
> a message of 96 lines which said:
>
> > I'm less worried about the latter because I would expect recursive
> > resolvers to generally be operated by people who are able to
> > establish their port 853 status.
>
> Not all resolvers are big boxes in the central datacenter. I may want
> to run a resolver on a small box at home even if my ISP blocks port
> 853.
>

Yes, I didn't say "control" it, but "establish" it. My point is that you
will generally know which state you are in and not need to do an
automatic fallback.

-Ekr

> > Well, this is why I asked about the threat model. If we care about
> > active attack, then this kind of approach does not work well.
>
> I tend to agree with Stephen Farrell here. If we insist on perfect
> resistance to active attackers, we may never deploy anything. I would
> suggest something more like "probe 853, remember what it was last time
> (to warn the sysadmin about a sudden block), maybe allow to whitelist
> auth servers that must have DoT".
>
> For signaling, my personal preference goes to DANE, anyway.
>
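The "probe 853, remember the last result, warn on a sudden block, pin servers that must have DoT" policy quoted above, as an added example that is not part of the thread or any resolver's code. The `DotPolicy` class, the `must_dot` pin list and the on-disk state file name are assumptions; `probe_port_853` does a real TCP connect, while `decide` is pure logic so it can be exercised offline with constructed probe results.

```python
import json
import socket

# Constructed probe outcomes for TCP/853 on an authoritative server.
PROBE_OK = "dot_ok"        # TLS port reachable: use DNS-over-TLS
PROBE_BLOCKED = "blocked"  # connect failed/timed out: port 853 not reachable


def probe_port_853(host, timeout=2.0):
    """Try a TCP connect to host:853; returns PROBE_OK or PROBE_BLOCKED."""
    try:
        with socket.create_connection((host, 853), timeout=timeout):
            return PROBE_OK
    except OSError:
        return PROBE_BLOCKED


class DotPolicy:
    """Fallback policy: remember each server's last probe result and warn when
    a server that previously offered DoT suddenly stops (possible downgrade).
    Servers in must_dot are never contacted in cleartext."""

    def __init__(self, must_dot=(), state_file="dot-state.json"):  # assumed name
        self.must_dot = set(must_dot)   # auth servers pinned to DoT
        self.state_file = state_file
        self.state = {}                 # server -> last probe result

    def decide(self, server, probe_result):
        """Return (transport, warning): transport is 'dot', 'do53' or 'fail'."""
        last = self.state.get(server)
        self.state[server] = probe_result
        if probe_result == PROBE_OK:
            return "dot", None
        if server in self.must_dot:
            return "fail", f"{server}: pinned to DoT but port 853 unreachable; refusing cleartext"
        if last == PROBE_OK:
            # Port 853 worked last time and is blocked now: log for the sysadmin.
            return "do53", f"{server}: port 853 was reachable before and is now blocked"
        return "do53", None

    def save(self):
        with open(self.state_file, "w") as f:
            json.dump(self.state, f)

    def load(self):
        try:
            with open(self.state_file) as f:
                self.state = json.load(f)
        except (OSError, ValueError):
            self.state = {}
```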
_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy