Re: [dns-privacy] Moving things along...

2015-02-28 Thread Phillip Hallam-Baker
On Fri, Feb 27, 2015 at 5:17 PM, Daniel Kahn Gillmor wrote: > On Thu 2015-02-26 08:57:19 -0500, Phillip Hallam-Baker wrote: > > On Thu, Feb 26, 2015 at 6:35 AM, Neil Cook > wrote: > >> Whilst I don’t deny that ISPs are using middleboxes for things like > >> advertising etc, it should also be poi

Re: [dns-privacy] Moving things along...

2015-02-28 Thread Daniel Kahn Gillmor
On Thu 2015-02-26 08:57:19 -0500, Phillip Hallam-Baker wrote: > On Thu, Feb 26, 2015 at 6:35 AM, Neil Cook wrote: >> Whilst I don’t deny that ISPs are using middleboxes for things like >> advertising etc, it should also be pointed out that many ISPs are concerned >> about security, and may be usin

Re: [dns-privacy] Moving things along...

2015-02-26 Thread Paul Hoffman
On Feb 25, 2015, at 4:11 PM, Warren Kumari wrote: > Are you interested on working on CGA-TSIGe and would you like to > devote some (10 minutes) of the meeting time in Dallas to a > presentation / discussion on CGA-TSIGe? No.

Re: [dns-privacy] Moving things along...

2015-02-26 Thread Neil Cook
> On 26 Feb 2015, at 13:57, Phillip Hallam-Baker wrote: > > On Thu, Feb 26, 2015 at 6:35 AM, Neil Cook > wrote: > > I think we are actually in violent agreement here. > Yep, nothing I said is against DPRIV, just wanted to make sure these use cases were handled

Re: [dns-privacy] Moving things along...

2015-02-26 Thread Phillip Hallam-Baker
On Thu, Feb 26, 2015 at 6:35 AM, Neil Cook wrote: I think we are actually in violent agreement here. > On 23 Feb 2015, at 14:20, Phillip Hallam-Baker > wrote: > > > > Busting the DNS middleboxen provided by ISPs to residential users is a > very different matter. They are selling Internet conne

Re: [dns-privacy] Moving things along...

2015-02-26 Thread Neil Cook
> On 23 Feb 2015, at 14:20, Phillip Hallam-Baker wrote: > > Busting the DNS middleboxen provided by ISPs to residential users is a very > different matter. They are selling Internet connectivity and their customer > has a right to get what they paid for, not a walled garden controlled by the

Re: [dns-privacy] Moving things along...

2015-02-25 Thread Warren Kumari
On Mon, Feb 23, 2015 at 1:04 AM, Hosnieh Rafiee wrote: > > From: dns-privacy [mailto:dns-privacy-boun...@ietf.org] On Behalf Of Phillip > Hallam-Baker > > > We have to avoid loaded terms like minimal changes. What is a minimal change > is a very subjective question. > > > We have middlebox issue

Re: [dns-privacy] Moving things along...

2015-02-23 Thread Phillip Hallam-Baker
On Mon, Feb 23, 2015 at 1:04 AM, Hosnieh Rafiee wrote: > > From: dns-privacy [mailto:dns-privacy-boun...@ietf.org] On Behalf Of > Phillip Hallam-Baker > > > We have to avoid loaded terms like minimal changes. What is a minimal > change is a very subjective question. > > > We have middlebox issues

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Hosnieh Rafiee
From: dns-privacy [mailto:dns-privacy-boun...@ietf.org] On Behalf Of Phillip Hallam-Baker We have to avoid loaded terms like minimal changes. What is a minimal change is a very subjective question. We have middlebox issues. Since a middlebox can't do anything useful to an encrypted message

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Phillip Hallam-Baker
Responding to Hosnieh: We have to avoid loaded terms like minimal changes. What is a minimal change is a very subjective question. We have middlebox issues. Since a middlebox can't do anything useful to an encrypted message and because my objective is to bypass government censorship schemes, my a

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Hosnieh Rafiee
: > > > with almost no clear change on DNS protocol. > > Stop playing with words: if it requires a change in both client and server, it > *is* a change in the protocol (even if the DNS part is unmodified, which is, for > instance, the case with DNS-over-TLS-on-new-port). If it can be deployed > u

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Stephane Bortzmeyer
On Sun, Feb 22, 2015 at 09:22:51PM +0100, Hosnieh Rafiee wrote a message of 49 lines which said: > with almost no clear change on DNS protocol. Stop playing with words: if it requires a change in both client and server, it *is* a change in the protocol (even if the DNS part is unmodified, wh

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Hosnieh Rafiee
Warren, Secauth is different than CGA-TSIGe. CGA-TSIGe is about secure authentication for DNS (not for everything) and encrypting the whole DNS message with almost no clear change on DNS protocol. So this also can be an option and solution space for Dprive. I don't know what Stephen is sayi

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Hosnieh Rafiee
> On 22/02/15 13:04, Hosnieh Rafiee wrote: > >> > A good summary. I've read these CGA-TSIG documents and I still do > >> > not understand the problem it solves, and how. A big explanation > >> > effort, > > starting > >> > from a problem statement, seems necessary. > > Secure authentication + dat

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Warren Kumari
On Sun, Feb 22, 2015 at 2:21 PM, Stephen Farrell wrote: > > > On 22/02/15 13:04, Hosnieh Rafiee wrote: >>> > A good summary. I've read these CGA-TSIG documents and I still do not >>> > understand the problem it solves, and how. A big explanation effort, >> starting >>> > from a problem statement,

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Stephen Farrell
On 22/02/15 13:04, Hosnieh Rafiee wrote: >> > A good summary. I've read these CGA-TSIG documents and I still do not >> > understand the problem it solves, and how. A big explanation effort, > starting >> > from a problem statement, seems necessary. > Secure authentication + data encryption > >

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Hosnieh Rafiee
> > On Wed, Feb 18, 2015 at 05:45:16PM -0500, Warren Kumari > wrote a message of 101 lines which said: > > > The CGA-TSIG document itself seems to have been shopped around a large > > amount, starting in 2012 -- I see it being pushed in IntArea, SAAG, > > DANE, DNSOP, DNSEXT and DPRIVE. > > >

Re: [dns-privacy] Moving things along...

2015-02-22 Thread Stephane Bortzmeyer
On Wed, Feb 18, 2015 at 05:45:16PM -0500, Warren Kumari wrote a message of 101 lines which said: > The CGA-TSIG document itself seems to have been shopped around a large > amount, starting in 2012 -- I see it being pushed in IntArea, SAAG, > DANE, DNSOP, DNSEXT and DPRIVE. > > It has been dis

Re: [dns-privacy] Moving things along...

2015-02-19 Thread Hosnieh Rafiee
On , Phillip Hallam-Baker wrote: On Wed, Feb 18, 2015 at 3:26 PM, Hosnieh Rafiee wrote: Does it mean that you want to only go with solution to change DNS protocol? You don't want to put any other solution in agenda which doesn't change much the DNS protocol such as cga-tsige. There might be more

Re: [dns-privacy] Moving things along...

2015-02-19 Thread Hosnieh Rafiee
Hi Warren, On , Warren Kumari wrote: On Wed, Feb 18, 2015 at 3:26 PM, Hosnieh Rafiee wrote: Does it mean that you want to only go with solution to change DNS protocol? You don't want to put any other solution in agenda which doesn't change much the DNS protocol such as cga-tsige. There might

Re: [dns-privacy] Moving things along...

2015-02-19 Thread Stephane Bortzmeyer
On Wed, Feb 18, 2015 at 04:50:49PM -0500, Warren Kumari wrote a message of 78 lines which said: > Sorry, I should have been more clear - > draft-hoffman-dprive-dns-tls-* has been combined with the Verisign > document. No, _I_m sorry, I didn't read draft-hzhwm-dprive-start-tls-for-dns-01 yet.

Re: [dns-privacy] Moving things along...

2015-02-18 Thread Phillip Hallam-Baker
On Wed, Feb 18, 2015 at 3:26 PM, Hosnieh Rafiee wrote: > Does it mean that you want to only go with solution to change DNS protocol? > You don't want to put any other solution in agenda which doesn't change > much > the DNS protocol such as cga-tsige. There might be more examples. > > Best, > Hosn

Re: [dns-privacy] Moving things along...

2015-02-18 Thread Warren Kumari
> > Best, > Hosnieh > > > >> -Original Message- >> From: dns-privacy [mailto:dns-privacy-boun...@ietf.org] On Behalf Of >> Warren Kumari >> Sent: Wednesday, February 18, 2015 8:48 PM >> To: dns-privacy@ietf.org >> Subject: [dns-privacy] Moving th

Re: [dns-privacy] Moving things along...

2015-02-18 Thread Paul Hoffman
On Feb 18, 2015, at 11:56 AM, Stephane Bortzmeyer wrote: > On Wed, Feb 18, 2015 at 02:48:25PM -0500, > Warren Kumari wrote > a message of 48 lines which said: > >> We now have 2 primary document sets under consideration: > > What is your assessment of draft-hoffman-dprive-dns-tls-* Ah, sorry,

Re: [dns-privacy] Moving things along...

2015-02-18 Thread Warren Kumari
On Wednesday, February 18, 2015, Stephane Bortzmeyer wrote: > On Wed, Feb 18, 2015 at 02:48:25PM -0500, > Warren Kumari > wrote > a message of 48 lines which said: > > > We now have 2 primary document sets under consideration: > > What is your assessment of draft-hoffman-dprive-dns-tls-* and >

Re: [dns-privacy] Moving things along...

2015-02-18 Thread Hosnieh Rafiee
vacy [mailto:dns-privacy-boun...@ietf.org] On Behalf Of > Warren Kumari > Sent: Wednesday, February 18, 2015 8:48 PM > To: dns-privacy@ietf.org > Subject: [dns-privacy] Moving things along... > > Dear DPRIVE, > > Apologies for the lack of momentum - your chairs had gotten s

Re: [dns-privacy] Moving things along...

2015-02-18 Thread Stephane Bortzmeyer
On Wed, Feb 18, 2015 at 02:48:25PM -0500, Warren Kumari wrote a message of 48 lines which said: > We now have 2 primary document sets under consideration: What is your assessment of draft-hoffman-dprive-dns-tls-* and draft-wijngaards-dnsop-confidentialdns? Lacking a common set of criteria to

[dns-privacy] Moving things along...

2015-02-18 Thread Warren Kumari
Dear DPRIVE, Apologies for the lack of momentum - your chairs had gotten sidetracked by holidays, lots of travel, day-jobs, etc and have not been giving the WG the time it deserves. Getting things moving again, we need to decide on a way forward. We now have 2 primary document sets under conside