Re: TLS Statistics

[rainer]

Am 2023-08-02 08:43, schrieb Ritterhoff, Florian:

Hello everyone,

we have activated DoT and DoH for a few days. We would like to make a
statement regarding the use.

Unfortunately, we are currently unable to find any explicit statistics
or explicit log attribute or similar that would allow conclusions
about the use of TLS.
Can someone possibly help here?



In theory, you could probably use bro/zeek to generate these.

I haven't looked at this specifically, but I recently used it to make 
statistics about who still uses TLS 1.0 and 1.1 on our mailservers 
(before we shut it off).



Rainer
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: TLS Statistics

[Arsen STASIC]

Hi,

we stumbled over the same issue and we didn't want to wait for the change
request to be implemented so we run DoT as a separate process. Running two
or more named processes has a downside if they are operated in recursive
mode, the cache isn't shared and therefor provably not as hot. This
should also work with DoH by starting a third process.

cheers,
Arsen

* Richard T.A. Neal  [2023-08-02 08:00 (+)]:
> Hi Florian,
> 
> This feature doesn’t yet exist but is tentatively planned for the 9.19.x 
> timeframe. You can see more about it here:
> https://gitlab.isc.org/isc-projects/bind9/-/issues/2748
> 
> Best,
> 
> Richard.
> 
> From: bind-users  On Behalf Of Ritterhoff, 
> Florian
> Sent: Wednesday, August 2, 2023 7:43 AM
> To: bind-users@lists.isc.org
> Subject: TLS Statistics
> 
> Hello everyone,
> 
> 
> we have activated DoT and DoH for a few days. We would like to make a 
> statement regarding the use.
> 
> 
> Unfortunately, we are currently unable to find any explicit statistics or 
> explicit log attribute or similar that would allow conclusions about the use 
> of TLS.
> Can someone possibly help here?
> 
> 
> Best regards
> Florian Ritteroff
> --
> Florian Ritterhoff - Zentrale IT
> Hochschule München University of Applied Sciences
> Lothstraße 34, 80335 München, G2.21a
> T +49 89 1265-1745
> 
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: TLS Statistics

[Mark Elkins via bind-users]

Seems like an excellent idea.
I've added  an additional "Thumbs Up" to the ISC web page linked below. 
Perhaps others might do the same so this already two year old idea can 
be implemented a bit sooner?


On 2023/08/02 10:00, Richard T.A. Neal wrote:


Hi Florian,

This feature doesn’t yet exist but is tentatively planned for the 
9.19.x timeframe. You can see more about it here:


https://gitlab.isc.org/isc-projects/bind9/-/issues/2748 



Best,

Richard.

*From:*bind-users  *On Behalf Of 
*Ritterhoff, Florian

*Sent:* Wednesday, August 2, 2023 7:43 AM
*To:* bind-users@lists.isc.org
*Subject:* TLS Statistics

Hello everyone,



we have activated DoT and DoH for a few days.We would like to make a 
statement regarding the use.




Unfortunately, we are currently unable to find any explicit statistics 
or explicit log attribute or similar that would allow conclusions 
about the use of TLS.


Can someone possibly help here?



Best regards

Florian Ritteroff

--
Florian Ritterhoff - Zentrale IT
Hochschule München University of Applied Sciences
Lothstraße 34, 80335 München, G2.21a
T +49 89 1265-1745



--

Mark James ELKINS  -  Posix Systems - (South) Africa
m...@posix.co.za   Tel: +27.826010496 
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za 




-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: TLS Statistics

[Richard T.A. Neal]

Hi Florian,

This feature doesn’t yet exist but is tentatively planned for the 9.19.x 
timeframe. You can see more about it here:
https://gitlab.isc.org/isc-projects/bind9/-/issues/2748

Best,

Richard.

From: bind-users  On Behalf Of Ritterhoff, 
Florian
Sent: Wednesday, August 2, 2023 7:43 AM
To: bind-users@lists.isc.org
Subject: TLS Statistics

Hello everyone,


we have activated DoT and DoH for a few days. We would like to make a statement 
regarding the use.


Unfortunately, we are currently unable to find any explicit statistics or 
explicit log attribute or similar that would allow conclusions about the use of 
TLS.
Can someone possibly help here?


Best regards
Florian Ritteroff
--
Florian Ritterhoff - Zentrale IT
Hochschule München University of Applied Sciences
Lothstraße 34, 80335 München, G2.21a
T +49 89 1265-1745

-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users