On Aug 16, 2021, at 12:43, Hollenbeck, Scott <[email protected]> wrote: > >> Neither of the proposed protocols have any way for an end user to know >> what part of the recursive-to-authoritative traffic used to answer their >> query >> (if any) was encrypted. > > [SAH] It's not just about end users. Operators who implement and deploy this > technology need to understand its limitations
What would a recursive DNS server do different if the encrypted connection might be reduced to plaintext ? It’s only options are “keep using it” or “fallback to clear text” Paul _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
