On 12/16/19 12:22 PM, Vittorio Bertola wrote: > Incidentally, though it is much easier said than done, I think that being > able to apply different trust models to different types of networks, so that > the OS/application behaves differently when you connect to a random wi-fi in > a cafe than when you connect to the usual network in your home, would really > help in finding possible middle grounds in terms of deployment models.
Trust model: I could imagine each client having a pre-configured *list* of TLS-certificate names trusted for the purpose of encrypted DNS. You might add your ISP's in there or you might not. Then address+port+protocol from DHCP (or any insecure magic) seems fine to me - it only matters whether it "matches" an item on the list... otherwise there would fallback to a public service. For example, some items of the list would also have a configured IP, or perhaps even bootstrapping with the untrusted DNS could be done. Of course, here I'm not trying to address what exactly is the client (I personally prefer OS level) and how exactly the choice is exposed to the human users (a hard question). --Vladimir _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
