On Mon, Feb 15, 2021 at 2:36 PM Paul Hoffman <[email protected]> wrote:
> On Feb 15, 2021, at 2:31 PM, Eric Rescorla <[email protected]> wrote: > > The reason is straightforward: if you do not provide authentication for > the server, then you do not have confidentiality in the face of an active > attacker. I'm pretty sure I've said this before, so I'm surprised at the > claim that "no one has given a reason" > > You have indeed said it before, and it is indeed essential if having > confidentiality in the face of an active attacker is required. The draft > has always said that is not a requirement. > Which is one of the reasons I disagree with the draft. However, that's very different from "no one has given a reason". -Ekr
_______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
