> > ### S4.6.3 or S8
> >
> > * I think a very important caveat here is when a node running its own
> > recursive resolver has just joined a network and not yet completed any
> > captive portal probes. Initiating encrypted transport connections prior
> > to satisfying the captive portal testing
Erik Kline has entered the following ballot position for
draft-ietf-dprive-unilateral-probing-12: No Objection
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please
Erik Kline has entered the following ballot position for
draft-ietf-dprive-dnsoquic-10: Yes
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to
https
Sara,
Thanks very much!
(After listening to Allison's talk at DNS OARC 35 tonight, I wonder if
there should be an appendix section with the pronunciation guideline that
"XoT" is pronounced "zot". ;-) )
___
dns-privacy mailing list
dns-privacy@ietf.org
g/arch/msg/tls-reg-review/JHoSPXIITFZx43PePWu2Kw-yAOs/
> et seq.
>
> -Ben
>
> On Tue, May 04, 2021 at 09:33:03PM -0700, Erik Kline wrote:
> > When I went to go find where the "dot" ALPN came from I couldn't find it
> > easily.
> >
> > The IANA reg
When I went to go find where the "dot" ALPN came from I couldn't find it
easily.
The IANA registry said 7858, but when we did DoT for Android I didn't
remember any ALPN text, and I couldn't find it in 7858. Nor could I find
it in 8310. Perhaps I just wasn't paying close enough attention.
___
Erik Kline has entered the following ballot position for
draft-ietf-dprive-xfr-over-tls-11: Yes
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https
On Tue, Mar 30, 2021 at 5:33 PM Stephen Farrell
wrote:
>
> Hiya,
>
> On 31/03/2021 01:24, Eric Rescorla wrote:
> > As I said earlier, this seems overly conservative given our experience
> with
> > large scale TLS-based services.
>
> For the root servers, I don't get why QNAME minimisation
> isn't
On Tue, Mar 30, 2021 at 5:01 PM Rob Sayre wrote:
> On Tue, Mar 30, 2021 at 7:49 AM Hollenbeck, Scott 40verisign@dmarc.ietf.org> wrote:
>
>> This is worth reading:
>>
>> https://root-servers.org/media/news/Statement_on_DNS_Encryption.pdf
>
>
> I am not sure I agree it is worth reading.
>
> Wh
Erik Kline has entered the following ballot position for
draft-ietf-dprive-rfc7626-bis-06: Yes
When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)
Please refer to https
On Tue, 20 Aug 2019 at 03:13, Iain Sharp wrote:
> Thanks for the informative replies.
>
> The use cases I was thinking of are similar to those outlined by Bob and
> Stephen. Hypothetically, there might also be scenarios where the
> application wishes the DNS to be done without security (e.g. for
On Tue, 7 May 2019 at 14:07, Thomas Peterson
wrote:
> If a mechanism that facilitates certificate validation is important then
> the only two options I believe we have are:
>
> A: Providing a host name only within the option, and expect clients to
> use Do53 to resolve it, performing host name va
On Thu, 27 Dec 2018 at 08:33, Stephane Bortzmeyer wrote:
> On Fri, Dec 21, 2018 at 06:59:43PM -0800,
> manu tman wrote
> a message of 43 lines which said:
>
> > As some you already know, Cloudflare and Facebook have been running a
> pilot
> > on using DoT between Cloudflare DNS and Facebook au
On 13 April 2018 at 02:23, Paul Hoffman wrote:
> On 12 Apr 2018, at 9:59, Brian Haberman wrote:
>
>> Erik Kline posted about this about a month ago on this list. In general,
>> I think this appears to have some interest behind it.
>
>
> Gh, I can't believe I
Charter 2.1 looks fine to me.
On 5 April 2018 at 12:44, Brian Haberman wrote:
> Tim & I are still looking for feedback on this updated charter. Please
> chime in or we will have to close the WG down.
>
> Brian
>
>
> On 3/21/18 9:44 AM, Brian Haberman wrote:
>> Slightly updated text to capture a m
I'm expecting to die a thousand deaths for this question, but...
TL;DR: Should we have some kind of URI schemes for encrypted DNS
protocols (i.e. identifying the transport)?
--
The motivation for this comes from working on adding DNS-over-TLS
support into Android.
Background: an app can always
16 matches
Mail list logo