Good point ("s/new/other" in my definition of "encrypted DNS"). And I agree,
"encrypted DNS" is a superset of "DoH and DoT" but not the other way around.
Thanks,
Tommy
________________________________
From: Joe Abley <[email protected]>
Sent: Thursday, July 25, 2019 10:24 AM
To: Tommy Jensen <[email protected]>
Cc: Martin Hoffmann <[email protected]>; Paul Hoffman
<[email protected]>; dnsop <[email protected]>
Subject: Re: [DNSOP] [Ext] I-D Action: draft-hoffman-dns-terminology-ter-01..txt
On Jul 25, 2019, at 19:14, Tommy Jensen
<[email protected]<mailto:[email protected]>>
wrote:
> I still maintain that having descriptive terms should be preferable
over an abundance of abbreviations, particular in documents. In this
case, why not "classic DNS" or "traditional DNS"? Likewise, "encrypted
DNS" instead of DoTH.
I agree with "encrypted DNS" because that makes the meaning (DoH or DoT or X :
X is some new way to encrypt DNS) clear when it is intended
Like DNSCrypt with UDP transport?
Or like an apex TXT record that contains a one-time token to authenticate a
zone to a service?
I spent some time this week at the Africa DNS Forum in Botswana promoting the
idea that the concept of "DNS Security" is usefully more broad than just
DNSSEC. Perhaps we need a corresponding effort to broaden "DNS Encryption"
beyond DoH and DoT?
Joe
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
