Hi All, The main updates in this version of the draft are:
* Significantly update descriptions for both AXoT and IXoT for message and connection handling taking into account previous specifications in more detail * Add use of APLN and limitations on traffic on XoT connections. * Add new discussions of padding for both AXoT and IXoT * Add text on SIG(0) * Update security considerations * Move multi-primary considerations to earlier as they are related to connection handling Best regards Sara. > On 13 Jul 2020, at 17:43, [email protected] wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the DNS PRIVate Exchange WG of the IETF. > > Title : DNS Zone Transfer-over-TLS > Authors : Willem Toorop > Sara Dickinson > Shivan Sahib > Pallavi Aras > Allison Mankin > Filename : draft-ietf-dprive-xfr-over-tls-02.txt > Pages : 27 > Date : 2020-07-13 > > Abstract: > DNS zone transfers are transmitted in clear text, which gives > attackers the opportunity to collect the content of a zone by > eavesdropping on network connections. The DNS Transaction Signature > (TSIG) mechanism is specified to restrict direct zone transfer to > authorized clients only, but it does not add confidentiality. This > document specifies use of TLS, rather then clear text, to prevent > zone contents collection via passive monitoring of zone transfers. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-dprive-xfr-over-tls/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-dprive-xfr-over-tls-02 > https://datatracker.ietf.org/doc/html/draft-ietf-dprive-xfr-over-tls-02 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-dprive-xfr-over-tls-02 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > > _______________________________________________ > dns-privacy mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dns-privacy _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
