> -----Original Message-----
> From: Paul Hoffman <paul.hoff...@icann.org>
> Sent: Thursday, March 2, 2023 1:48 PM
> To: Hollenbeck, Scott <shollenb...@verisign.com>
> Cc: dpr...@ietf.org
> Subject: [EXTERNAL] Re: [dns-privacy] [Ext] Intended Status for
> draft-ietf-dprive-unilateral-probing
>
> Caution: This email originated from outside the organization. Do not click
> links or open attachments unless you recognize the sender and know the
> content is safe.
>
> On Mar 2, 2023, at 10:11 AM, Hollenbeck, Scott
> <shollenbeck=40verisign....@dmarc.ietf.org> wrote:
> >
> >> -----Original Message-----
> >> From: Paul Hoffman <paul.hoff...@icann.org>
> >> Sent: Wednesday, March 1, 2023 2:51 PM
> >> To: Hollenbeck, Scott <shollenb...@verisign.com>
> >> Cc: dpr...@ietf.org
> >> Subject: [EXTERNAL] Re: [Ext] [dns-privacy] Intended Status for
> >> draft-ietf-dprive-unilateral-probing
> >>
> >> On Mar 1, 2023, at 10:46 AM, Hollenbeck, Scott
> >> <shollenbeck=40verisign....@dmarc.ietf.org> wrote:
> >>> After a recent re-read of draft-ietf-dprive-unilateral-probing and
> >>> its normative dependencies, I have a strong belief that the draft
> >>> describes more of an experiment than a Proposed Standard.
> >>
> >> All protocols before they are deployed are experiments.
> >>
> >>> The reason we need "opportunistic" and "unilateral" actions is
> >>> because there are gaps in specification, implementation, and
> >>> deployment of services for recursive-authoritative encryption.
> >>
> >> That is not what the WG decided. It decided that opportunistic was
> >> sufficient for some threat models. Other threat models have the gaps
> >> you discuss.
> >
> > [SAH] WG decisions aren't immutable. I posted this as a proposal for
> > reconsideration.
> >
> >>> Experimental status worked for QNAME minimization.
> >>
> >> That's irrelevant.
> >>
> >>> It can work here, too.
> >>
> >> So could Informational; that is also irrelevant.
> >
> > [SAH] It's hardly irrelevant given the successful approach taken with
> > QNAME minimization. It's a valid example of how Experimental status
> > could work.
>
> The experimental status of the original QNAME minimisation document was
> due to there being protocol options that the WG thought could not be
> chosen between without data from deployments. That is not the case with
> draft-ietf-dprive-unilateral-probing. In fact, the opposite is the case:
> because the probing is unilateral, the resolver gets to make its own
> choices about what is working and what is not. That's the whole point of
> the decision ladders in the document.

[SAH] Perhaps, but this is what the working group's charter says about this 
topic:

"Investigate potential solutions for adding confidentiality to DNS exchanges 
involving authoritative servers (Experimental)."

Experimental. Not Proposed Standard.

Scott

_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
