On Feb 15, 2021, at 2:31 PM, Eric Rescorla <[email protected]> wrote:
> The reason is straightforward: if you do not provide authentication for the
> server, then you do not have confidentiality in the face of an active
> attacker. I'm pretty sure I've said this before, so I'm surprised at the
> claim that "no one has given a reason"

You have indeed said it before, and it is indeed essential if having confidentiality in the face of an active attacker is required. The draft has always said that is not a requirement.

> This doesn't sound like a very good idea to me. IMO we should only specify a
> protocol that authenticates the server.

Who do you mean by "we" in that sentence? So far, no one has specified a first draft of such a proposal, even after repeated requests over many months.

--Paul Hoffman
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
