Dear Christian et al,
Hello - I hope this finds you well. Please find an additional section
suggestion and comments for “draft-ietf-dprive-dnsoquic-04”, below. Your
feedback is greatly appreciated.
Best,
Matthew Quick, Verisign
____________________________
9. Privacy Considerations
Justification:
The reference to [I-D.ietf-dprive-rfc7626-bis] was obsoleted when it became
[RFC9076] in July 2021.
Existing Text:
The general considerations of encrypted transports provided in "DNS Privacy
Considerations" [I-D.ietf-dprive-rfc7626-bis] apply to DoQ.
Suggested Text:
The general considerations of encrypted transports provided in "DNS Privacy
Considerations" [RFC9076] apply to DoQ.
____________________________
9.1 Privacy Considerations
Justification:
The reference to [RFC7626] was obsoleted when it became [RFC9076] in July 2021.
Existing Text:
This risk is in fact a subset of the general problem of observing the behavior
of the recursive resolver discussed in "DNS Privacy Considerations" [RFC7626].
Suggested Text:
This risk is in fact a subset of the general problem of observing the behavior
of the recursive resolver discussed in "DNS Privacy Considerations" [RFC9076].
____________________________
9. Privacy Considerations
Justification:
The new text only applies to interactions with authoritative name servers, not
stub to recursive, so it fits well as an additional part of Section 9 – Privacy
Considerations. Also, RFC 9076 only mentions QNAME minimization, so it’s
helpful to have a separate place to expand the explanation of data privacy.
New Section Suggested Text:
9.5. Relationship with Minimization Techniques
QNAME minimization [RFC7816] reduces the sensitive information exchanged to
only what’s necessary to perform a requested function. This reduces the risk of
disclosure to both outside and inside parties, with no operational impact on
the receiver. Additional minimization methods include NXDOMAIN cut processing
[RFC8020], and aggressive DNSSEC caching [RFC8198].
____________________________
12.2. Informative References
Justification:
This updates the document reference to [I-D.ietf-dprive-rfc7626-bis] and
[RFC7626] to [RFC9076].
Existing Text:
[I-D.ietf-dprive-rfc7626-bis]
Wicinski, T., "DNS Privacy Considerations", draft-ietf-
dprive-rfc7626-bis-09 (work in progress), March 2021.
…
[RFC7626] Bortzmeyer, S., "DNS Privacy Considerations", RFC 7626,
DOI 10.17487/RFC7626, August 2015,
<https://www.rfc-editor.org/info/rfc7626>.
Suggested Text:
[RFC9076] T. Wicinski, "DNS Privacy Considerations",
RFC 9076, DOI 10.17487/RFC9076, July 2021,
<https://www.rfc-editor.org/info/rfc9076>.
Matthew Quick
Senior Engineer
Industry Standards & Technical Engagement
571.732.6173
12061 Bluemont Way, Reston, VA 20190
_______________________________________________
dns-privacy mailing list
https://www.ietf.org/mailman/listinfo/dns-privacy
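
The following is an added illustration, not part of the message above or of the draft, of the minimization behaviour described in the suggested Section 9.5: it compares which names each authoritative server observes with and without QNAME minimization, and shows an NXDOMAIN answer stopping the walk before deeper labels are sent. The zone data and all names are constructed for the example, and intermediate query types are not modelled.

```python
# Constructed sample data: names that exist and which of them are zone apexes.
EXISTING = {"example.", "corp.example.", "hr.corp.example.",
            "payroll.hr.corp.example."}
ZONE_CUTS = {"example.", "corp.example."}  # the root zone "." is implicit


def ancestors(qname):
    """Yield qname's ancestors from the TLD down to qname itself."""
    labels = qname.rstrip(".").split(".")
    for i in range(len(labels) - 1, -1, -1):
        yield ".".join(labels[i:]) + "."


def full_queries(qname):
    """(server zone, name sent) pairs when every server gets the full QNAME."""
    sent = [(".", qname)]
    for name in ancestors(qname):
        if name not in EXISTING:
            break                       # that zone's server answers NXDOMAIN
        if name in ZONE_CUTS:
            sent.append((name, qname))  # referral followed with the full name
    return sent


def minimized_queries(qname):
    """Same walk, revealing one additional label per query."""
    zone, sent = ".", []
    for name in ancestors(qname):
        sent.append((zone, name))
        if name not in EXISTING:
            break                       # NXDOMAIN cut: nothing exists below
        if name in ZONE_CUTS:
            zone = name                 # referral: continue at the child zone
            if name == qname:
                sent.append((zone, name))  # final answer comes from the apex
    return sent


def seen_by(queries, zone):
    """Names a given zone's servers observed."""
    return [name for z, name in queries if z == zone]


if __name__ == "__main__":
    for q in ("payroll.hr.corp.example.", "secret.missing.corp.example."):
        print(q)
        print("  full:     ", full_queries(q))
        print("  minimized:", minimized_queries(q))
```
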