Hi Tommy, > On 18 Mar 2021, at 17:13, Tommy Pauly <[email protected]> > wrote: > > Mainly, this is relevant for resolvers that directly receive client-generated > queries, are not directly on the local network (and thus already know a lot > about the user), and are in a position where a client can use a proxy to > access them. Large public resolvers do fall into this category, but it isn’t > limited. It could also be the resolvers used for ISPs, carriers, etc.
Can you explain how you think this could also be the resolvers used for ISPs, carriers etc.? To my understanding this draft explicitly excludes the vast majority of them. They are typically *not* public resolvers, and for a proxy not to be colluding with the resolver operator, the proxy would have to be located outside the administrative domain of the ISP/carrier, i.e. outside their network. Perhaps there is some scenario you envisage where third-parties would host and operate proxies within the ISP/Carrier network? Neil _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
