On Tue, Nov 26, 2019 at 10:13 AM Stephane Bortzmeyer
wrote:
> On Tue, Nov 26, 2019 at 09:51:14AM -0800,
> Brian Dickson wrote
> a message of 98 lines which said:
>
> > However, if the only place the client is able to establish an
> > encrypted path to is a forwarder, this leave open the
On Tue, Nov 26, 2019 at 9:35 AM Phillip Hallam-Baker
wrote:
> This notion of DNS resolver discovery seems very strange to me.
>
The larger issue (and the one I am interested in finding solutions for) is
that what is configured as a 'resolver', might actually be a 'forwarder'.
I.e. the path is
On Tue, Nov 26, 2019 at 09:51:14AM -0800,
Brian Dickson wrote
a message of 98 lines which said:
> However, if the only place the client is able to establish an
> encrypted path to is a forwarder, this leave open the possibility
> that the forwarder->(forwarder->[...])->resolver might involve
On Tue, Nov 26, 2019 at 1:08 PM Stephane Bortzmeyer
wrote:
> On Tue, Nov 26, 2019 at 12:35:13PM -0500,
> Phillip Hallam-Baker wrote
> a message of 166 lines which said:
>
> > 2) Admin/User Configured DNS
> > The client obtains the information to connect to a resolver through
> an
> >
This notion of DNS resolver discovery seems very strange to me. There are
three ways in which a DNS resolver can be realistically determined by a
client whether that is in the platform (Windows/OSX/Linux/etc) or the
application.
1) Promiscuous DNS
The client obtains the information to connect
On Tue, Nov 26, 2019 at 12:35:13PM -0500,
Phillip Hallam-Baker wrote
a message of 166 lines which said:
> 2) Admin/User Configured DNS
> The client obtains the information to connect to a resolver through an
> Administrator or User configuration action. This may be inserting an IP
>