Thanks for starting the discussion Shane. On 8 August 2016 at 23:41, Shane Kerr <sh...@time-travellers.org> wrote: > My own feeling is that this should be > enough; apparently the recommendation to require TLS was made in the > HTTP/2 working group and rejected, so I am not sure that we need to > re-visit the entire discussion around the DNS over HTTP protocol.
That's the result of a fairly old discussion. You will note that all protocols that use HTTP developed since (a long time ago) all require HTTPS. The reasons that HTTP decided cleartext wasn't prohibited don't apply to a new protocol. Also note that HTTP/2 on the web is - at least to my knowledge - exclusively HTTPS at the moment. The RFC might not mandate encryption, but no one has deployed the unencrypted variant at any real scale. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop