I'm very excited for 0-RTT support in DoQ, but I don't think that text (Section 9.1, Section 5.5) should be in this document. The benefits and risks associated with 0-RTT here have nothing to do with DoQ specifically; they are the same in DoT and DoH.
This working group already has an adopted document with the sole purpose of describing rules for safe use of 0-RTT [1]. I would like to see the text on 0-RTT moved into that document, so the working group can provide consistent guidance on the use of 0-RTT, regardless of transport.

--Ben Schwartz

[1] https://datatracker.ietf.org/doc/html/draft-ietf-dprive-early-data

On Mon, Sep 6, 2021 at 4:01 AM Sara Dickinson <[email protected]> wrote:

> Hi All,
>
> The 04 update to the DNS over QUIC draft includes the following changes:
>
> * Updated text on replayable transactions, server behaviour when receiving
>   0-RTT data and session resumption
> * Updated text on privacy issues with 0-RTT data and session resumption
> * Updated recommendations on padding
> * Updated text on flow control mechanisms
> * Transaction Cancellation: Use of STOP_SENDING with new application error
>   code DOQ_REQUEST_CANCELLATION allows clients to cancel queries
> * Request to create a registry for DoQ error codes, following recommended
>   practice
> * Clarifying text on server initiated transactions
>
> Regards
>
> Sara.
>
> > On 3 Sep 2021, at 17:33, [email protected] wrote:
> >
> > A New Internet-Draft is available from the on-line Internet-Drafts directories.
> > This draft is a work item of the DNS PRIVate Exchange WG of the IETF.
> >
> >   Title    : Specification of DNS over Dedicated QUIC Connections
> >   Authors  : Christian Huitema
> >              Sara Dickinson
> >              Allison Mankin
> >   Filename : draft-ietf-dprive-dnsoquic-04.txt
> >   Pages    : 28
> >   Date     : 2021-09-03
> >
> > Abstract:
> >   This document describes the use of QUIC to provide transport privacy
> >   for DNS. The encryption provided by QUIC has similar properties to
> >   that provided by TLS, while QUIC transport eliminates the
> >   head-of-line blocking issues inherent with TCP and provides more
> >   efficient error corrections than UDP. DNS over QUIC (DoQ) has privacy
> >   properties similar to DNS over TLS (DoT) specified in RFC7858, and
> >   latency characteristics similar to classic DNS over UDP.
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-dprive-dnsoquic/
> >
> > There is also an htmlized version available at:
> > https://datatracker.ietf.org/doc/html/draft-ietf-dprive-dnsoquic-04
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-dprive-dnsoquic-04
> >
> > Internet-Drafts are also available by anonymous FTP at:
> > ftp://ftp.ietf.org/internet-drafts/
> >
> > _______________________________________________
> > dns-privacy mailing list
> > [email protected]
> > https://www.ietf.org/mailman/listinfo/dns-privacy
