Dear Ondrej,
Thank you for the comments. We do find that there are some proposals on
the DNS-based framework in today’s side meetings. We will get some feedback
from IETFers and decide whether a side meeting or BoF is a good fit.
Yours,
Jun Zhang
From: Ondřej Surý <[email protected]>
Sent: Monday, March 16, 2026 8:34 AM
To: junzhang <[email protected]>
Cc: [email protected]; Andrzej Duda <[email protected]>; Houda Labiod
<[email protected]>; Maciej Korczynski
<[email protected]>; olivier hureau <[email protected]>
Subject: Re: [DNSOP] New individual draft for discussion: A DNS-Based Framework
for Privacy-Preserving Identity
Hi,
I’ve read this document and it feels to me that you are building a new
protocol on top of DNS. I believe that the best course of action would be
to go through a process of chartering a new working group if there’s a
sufficient number of people interested in this (similar to other DNS-based
frameworks). The chartering of the new WG should start with specifying the
problem statement. And I would actually suggest starting with having a
side meeting or BoF first:
BOF Coordination Meetings <https://wiki.ietf.org/group/iesg/bof-coordination-meetings>
As in, this feels like this is a topic that only marginally touches DNS
(let’s put some TXT in DNS) and if this takes off, I would expect more work
to be done than just this one draft.
Cheers,
Ondrej
On 5. 3. 2026, at 23:29, junzhang <[email protected]> wrote:
Dear All,
We have submitted one new individual draft for discussion: A DNS-Based
Framework for Privacy-Preserving Identity.
Feedback is welcome.
Yours,
Jun Zhang
Name: draft-duda-dnsop-dns-did
Revision: 00
Title: A DNS-Based Framework for Privacy-Preserving Identity
Date: 2026-03-02
Group: Individual Submission
Pages: 8
URL: https://www.ietf.org/archive/id/draft-duda-dnsop-dns-did-00.txt
Status: https://datatracker.ietf.org/doc/draft-duda-dnsop-dns-did/
HTML: https://www.ietf.org/archive/id/draft-duda-dnsop-dns-did-00.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-duda-dnsop-dns-did
Abstract:
This document presents a framework for privacy-preserving identity
management based on DNS, supporting large-scale management of users,
IoT devices, and AI agents. It introduces Self-Certifying
Identifiers (SIDs), User/Service Trustees as trusted proxies, and
leverages DNSSEC-secured TXT records to bind public keys to
identities. The framework enables privacy-by-design, where real
identities are hidden behind trusted entities, through
privacy-preserving intermediaries. Credentials bound to SIDs support
role-based access control, while ephemeral tokens ensure short-lived
authorization. Although initially DNS-dependent, the model can
extend to other directories like DIDs or IPFS. This approach aligns
with zero-trust architectures and supports automated, AI-driven
interactions in future networks.
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]