Re: [dns-privacy] I-D Action: draft-ietf-dprive-start-tls-for-dns-00.txt

2015-05-18 Thread Phillip Hallam-Baker
On Mon, May 18, 2015 at 6:51 AM, Christian Grothoff wrote:
> On 05/15/2015 01:35 PM, Phillip Hallam-Baker wrote:
> > Any DNSvNext protocol MUST work in 100% of network situations where
> > DNS works or else it has 0% of being adopted.
>
> Dear Phillip,
>
> Can I hold you to this statement with re

Re: [dns-privacy] I-D Action: draft-ietf-dprive-start-tls-for-dns-00.txt

2015-05-18 Thread Christian Grothoff
On 05/15/2015 01:35 PM, Phillip Hallam-Baker wrote:
> Any DNSvNext protocol MUST work in 100% of network situations where
> DNS works or else it has 0% of being adopted.

Dear Phillip,

Can I hold you to this statement with respect to this network situation where DNS "works": http://code.kryo.se/io

Re: [dns-privacy] I-D Action: draft-ietf-dprive-start-tls-for-dns-00.txt

2015-05-18 Thread Simon Josefsson
Phillip Hallam-Baker writes:
>> > Google is currently working on HTTP over UDP to shave a second of page load
>> > times. This group is working is proposing to move the most latency critical
>> > interaction from UDP to TLS.
>>
>> Some people here pointed out that the initial goal is for st

Re: [dns-privacy] I-D Action: draft-ietf-dprive-start-tls-for-dns-00.txt

2015-05-18 Thread Phillip Hallam-Baker
On Mon, May 18, 2015 at 6:37 AM, Simon Josefsson wrote:
> Phillip Hallam-Baker writes:
>
> > Any DNSvNext protocol MUST work in 100% of network situations where DNS
> > works or else it has 0% of being adopted.
>
> That's simply impossible. A goal like that will just distract us.

It is comple

Re: [dns-privacy] How many mechanisms in draft-ietf-dprive-start-tls-for-dns?

2015-05-18 Thread Simon Josefsson
Paul Hoffman writes:
>> That approach is what dual-stack IPv4+IPv6 applications did before
>> people realized defining "fails" is non-trivial and came up with the
>> happy eyeballs approach to let the quickest path win, and not bother
>> waiting for the "fail" to be determined.
>
> And if we late

Re: [dns-privacy] How many mechanisms in draft-ietf-dprive-start-tls-for-dns?

2015-05-18 Thread Simon Josefsson
"Christian Huitema" writes:
>> On any other topic I would agree. Breaking DNS should be one of the
>> things to worry about.
>
> Maybe we should make the distinction between "stub resolver" and
> "iterative resolver" part of the architecture. This would be very much
> the same split as between an

Re: [dns-privacy] I-D Action: draft-ietf-dprive-start-tls-for-dns-00.txt

2015-05-18 Thread Simon Josefsson
Phillip Hallam-Baker writes:
> Any DNSvNext protocol MUST work in 100% of network situations where DNS
> works or else it has 0% of being adopted.

That's simply impossible. A goal like that will just distract us.

> Google is currently working on HTTP over UDP to shave a second of page load
> t