Ondřej Surý <[email protected]> writes:

> The malicious server can just say "nope, this is new".

Agreed, it does not prevent someone in the middle from doing what we're
already heading to: TCP always and all data always.

That wasn't the point.  90% of the requests that would be transmitted
over TCP every 5 minutes.  If someone the middle really wanted that to
continue, I agree you're stuck.  But if most of the parties on the
planet do play nicely (and most do) then we can greatly reduce the
potential traffic levels.

> I believe it is dangerous to say "it is ok to deploy PQC algorithms with
> large signatures" because we have these optimizations.

I don't think I ever said that.

> The fact is that we either need a PQC algorithm that will be
> size-suitable for DNS or we will have to brace for the impact of
> completely switching to TCP.

The top of my document lays out an argument that:

1. we better accept TCP is coming
2. but we may try to reduce the amount of traffic we do send to mitigate
some of that impact.

-- 
Wes Hardaker
Google

_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to