> On 31 Mar 2021, at 13:33, Brian Haberman <[email protected]> wrote:
>
> I was wondering the same thing. 8806 would definitely preclude the need
> to support encryption at the root.

This is one of the things that puzzles me about the current discussion. The WG seems to be pushing TLS-based solutions and ignoring/dismissing other options. For instance RFC8806 or QNAME minimisation may well yield good enough privacy outcomes with fewer moving parts or operational impacts. We’d know these trade-offs if the WG was willing to do a threat model and/or risk analysis to provide more clarity about what problem(s) need solving.

We all want better privacy of course. For some definition of privacy. But what does that actually mean in the context of queries to authoritative servers at the root or TLDs? And is TLS the *only* game in town?

_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
