irst
starting to talk about operational implications, I say "this happens all the
time, and the IETF is well used to it".
Sincerely, Hugo Connery
From: Ben Schwartz [bem...@google.com]
Sent: Thursday, 15 August 2019 17:00
To: Hugo Maxwell Conner
I support adoption.
Regards,
Hugo Connery
--
Head of IT, DTU Environment, http://www.env.dtu.dk
From: dns-privacy [dns-privacy-boun...@ietf.org] on behalf of Brian Haberman
[br...@innovationslab.net]
Sent: Wednesday, 27 March 2019 15:29
To:
Hi,
Christian makes a very good point about distributing the DNS query cache out of
the recursive resolver into the clients, which is a privacy boon. However,
that comes at the cost of increased load on the authoritative servers as that
collective recursive resolver cache is not standing
Hi All,
I just wanted to say that the final draft gives me great confidence in the
"collective discussion on merit" process of the IETF.
The final padding strategy document includes the "no padding" option, and
relegates it to an appendix, and also includes the "Full Monty" padding (which
I
Hi Alex,
Thanks so much for adding the Maximal Padding strategy. The section is clear,
the subtitle is humorous, and the final NOT RECOMMENDED gives the strategy its
place.
Regards,
Hugo Connery
--
Head of IT, DTU Environment, http://www.env.dtu.dk
From:
Hi all,
This is the argument that I expected; single port allocation looks
clean, and enables "simple" delivery of processing resources.
That's why we created ports, no? (please flame here, I have no
idea about this historical claim).
The underlying question raised by this lovely proposition
still need the recursive to auth encryption ...
/Hugo
From: Christian Huitema [huit...@huitema.net]
Sent: Friday, 3 June 2016 19:26
To: 'Paul Wouters'; Hugo Maxwell Connery
Cc: dns-privacy@ietf.org
Subject: RE: [dns-privacy] Deployment issues
On Thursday, June
Hi,
I hope the WG will start looking at that "next step".
There are resource issues with running TLS to auth servers.
But, that is easily solved: the people who want to do this
bear the burden, and those that dont get publically shunned
(and possibly dont care).
Hugo Connery
Hi,
I tried to point this out at the beginning;
encrypting connections to local caching resolvers
without encrypting the auth resolver connection
gives the same security as Tor Browser.
But, something is better than nothing. Better for the world
having the "I live in an anonymity
efforts.
Thanks to all for their input, especially Mark (ISC)
and Vixie.
Regards, Hugo Connery
--
Technical University of Denmark
From: Paul Vixie [p...@redbarn.org]
Sent: Monday, 26 January 2015 01:01
To: Christian Grothoff
Cc: Hugo Maxwell Connery; dn
Hi,
Below I show a trivial amount of work for compliance with
draft-grothoff-iesg-special-use-p2p-names by caching
recursive resolvers which have implemented Response
Policy Zones (i.e BIND and numerous others). I am not
claiming that this is the best solution, or that it
is the best way to do
Hi,
There seem to have been issues with problem statements.
My two cents.
Fix the Internet w.r.t pervasive monitoring will not lead,
in 'reasonable' time, to concrete standards.
Instead, groups are formed with a charter, including a limited
scope of field for consideration. Other scopes can
to
run alongside. Anyway...
On 23/10/14 12:36, Hugo Maxwell Connery wrote:
DNS information is clearly public information. But that
does not mean that one needs to publish *who* is accessing
that public data.
Another way in which one could conceivably do that is by issuing
bogus requests, (i.e
Summary:
* I attempt to explain passive dns (I am not an expert)
* passive DNS is very useful in combating abuse of the DNS
* the passive DNS architecture would likely require adjustment
to conform to confidentiality goals
I believe that many members of this discussion do not understand
14 matches
Mail list logo