On Sat, 26 Sep 2020 at 14:39, Eliot Lear <[email protected]> wrote: > Hi Tiru > > On 26 Sep 2020, at 09:39, tirumal reddy <[email protected]> wrote: > > In the home network use case, if the CPE does not support an encrypted DNS > forwarder, endpoint will discover and use the ISP encrypted DNS recursive > server. The CPE will no longer be able to enforce MUD rules. For instance, > Firefox can discover and use Comcast Encrypted DNS recursive server, see > https://tools.ietf.org/id/draft-rescorla-doh-cdisco-00.html. > > > > Not necessarily. That is a matter of signaling between the CPE and the > ISP. >
No, the special use domain name (SUDN) does not require any update to the CPE. The signaling from the endpoint is resolved by the ISP DNS recursive server and, it is not between the CPE and the ISP. -Tiru > > Eliot >
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
