Robert,

At 2016-06-11 01:29:09 -0400
Robert Edmonds <edmo...@mycre.ws> wrote:

> Shane Kerr wrote:
> > I'm basically thinking that the next step is encrypting the
> > resolver-to-authority session, right? Steps beyond that to increase
> > privacy are much trickier, since they involve defeating traffic
> > analysis, but it seems like encrypting resolver-to-authority is
> > more-or-less well understood.  
> 
> It seems like you would want to encrypt traffic between AXFR client and
> AXFR server as well. Even if the data in a zone is public, being able to
> collect the history of a zone (e.g. to be able to tell the exact instant
> a particular record of interest was added to it) may be useful to an
> attacker. And key distribution between AXFR clients and servers is
> probably even more well understood than key distribution between
> resolver and authority.

Hm... interesting point.

Is there any reason not to use DNS over TLS for this purpose?

Are there other considerations? (I guess maybe disabling both NOTIFY
and IXFR for sensitive zones, as NOTIFY will leak information about the
specific timings of zone changes and IXFR will leak information about
the size of said changes.)

Cheers,

--
Shane

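As an added illustration (not part of the thread, and not a configuration either poster supplied), the considerations Shane raises map onto a handful of BIND 9 settings. The fragments below assume BIND 9.18-or-later syntax for the `tls`, `primaries`, `listen-on ... tls` and `allow-transfer transport tls` clauses; the zone name, file paths, certificate paths and the 192.0.2.x addresses are constructed placeholders from the RFC 5737 documentation range.

```conf
// --- primary (AXFR server) side: constructed example, not from the thread ---

tls xfr-tls-server {
    key-file  "/etc/bind/primary.key";    // placeholder paths
    cert-file "/etc/bind/primary.crt";
};

options {
    listen-on port 853 tls xfr-tls-server { any; };
    provide-ixfr no;   // refuse incremental transfers server-wide: every transfer is a
                       // full AXFR, so the wire carries no hint of how much changed
};

zone "sensitive.example" {
    type primary;
    file "pri/sensitive.example.db";
    notify no;         // no NOTIFY: nothing announces the instant the zone changed;
                       // secondaries pick up changes on their SOA refresh timer instead
    allow-transfer transport tls { 192.0.2.20; };   // transfers only over the TLS listener
};

// --- secondary (AXFR client) side: constructed example, not from the thread ---

tls xfr-tls {
    ca-file "/etc/bind/xfr-ca.pem";          // CA the primary's certificate must chain to
    remote-hostname "primary.example.net";   // name checked against that certificate
};

primaries sensitive-primaries {
    192.0.2.10 port 853 tls xfr-tls;         // authenticated, encrypted channel (Strict TLS)
};

zone "sensitive.example" {
    type secondary;
    primaries { sensitive-primaries; };
    request-ixfr no;   // never ask for IXFR; the secondary always pulls the whole zone
    file "sec/sensitive.example.db";
};
```

With `notify no` the propagation delay becomes the zone's SOA refresh interval, so that value has to be set with the privacy/freshness trade-off in mind. `provide-ixfr` is an options/server-level setting in BIND rather than a per-zone one, so if only some zones are sensitive it can be narrowed with a `server` statement for the relevant secondaries instead of being set globally.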

_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
