On Mon, Nov 04, 2019 at 08:20:05AM -0800, Tommy Pauly <[email protected]> wrote a message of 45 lines which said:
> However, there are a couple reasons we're interested in having DoH
> servers directly support receiving Oblivious queries:

Ok, but these reasons should be put in the draft (maybe in an appendix), to avoid repeated questions.

> Tor is also meant as a generic connection-level anonymity system,
> and thus seems overly complex for the purpose of proxying a
> request/response protocol such as DNS.

On the other hand, it has been well-examined, well-checked and well-attacked so we know the trust we can put in it. A new cryptography protocol is always risky.

There was exactly the same discussion at the beginning of DPRIVE about the encryption layer for DNS. The proponents of TLS (which won, and gave RFC 7858) mentioned the fact that TLS was battle-hardened and well studied; the adversaries preferred a more DNS-friendly protocol, such as draft-wijngaards-dnsop-confidentialdns.

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
