Hi Daniel
On Thu, Dec 13, 2018 at 02:32:41PM -0500, Daniel Kahn Gillmor wrote:
> The degenerate scenario i'd painted on the call was:
>
> * consider a DPRIVE-capable DNS resolver; for whatever reason, only a
>single request has been made to it since it booted.
>
> * a new cleartext
On Fri 2018-12-14 03:30:29 +0530, Mukund Sivaraman wrote:
> I don't think this way. :) I think it will not support every RFC 1035
> DNS name, but only a subset of it. It should work for every valid name,
> because they are valid names and some application may want it. Why
> settle for hacks when
Hi Mukund--
On Tue 2018-12-11 11:13:39 +0530, Mukund Sivaraman wrote:
> During last night's meeting, there was talk about use of a split-cache -
> one with answers learned from plain transports and another with answers
> learned via secure transports.
I think i was the one that mentioned that
On Tue 2018-12-11 11:08:06 +0530, Mukund Sivaraman wrote:
> 1. The RDATA of an NS record has to be a hostname, so it would limit the
> amount of data that can be encoded within the NSDNAME. As an example,
> base32 encoding is not possible.
why is base32 encoding not possible for a hostname?
just
On Thu, Dec 13, 2018 at 04:21:39PM -0500, Daniel Kahn Gillmor wrote:
> Hi Mukund--
>
> thanks for your prompt followup!
>
> On Fri 2018-12-14 02:22:12 +0530, Mukund Sivaraman wrote:
> > The trailing '='s are part of the base32 encoding.
> >
> > [muks@naina ~]$ echo -n
> >
Hi Daniel
First, thank you for replying. I wondered if I'd said something
completely wrong. :)
On Thu, Dec 13, 2018 at 01:50:39PM -0500, Daniel Kahn Gillmor wrote:
> On Tue 2018-12-11 11:08:06 +0530, Mukund Sivaraman wrote:
> > 1. The RDATA of an NS record has to be a hostname, so it would limit
Hi Mukund--
thanks for your prompt followup!
On Fri 2018-12-14 02:22:12 +0530, Mukund Sivaraman wrote:
> The trailing '='s are part of the base32 encoding.
>
> [muks@naina ~]$ echo -n
> "MFRGGZDFMZTWQ2LKNNWG23TPOBYXE43UOV3HO6DZPI3TQOJQGEZA" | base32 -d
>
Hi Paul
On Thu, Dec 13, 2018 at 09:11:52PM +, Paul Hoffman wrote:
> There are many ways to get a key and then compare the hash of the key with
> the hash you get securely from the DNS.
>
> > If it can be
> > demonstrated to work for near-future algorithms (next 2-3 decades), then
> > it's
>
> On Fri 2018-12-14 02:22:12 +0530, Mukund Sivaraman wrote:
> > The trailing '='s are part of the base32 encoding.
> >
> > [muks@naina ~]$ echo -n
> "MFRGGZDFMZTWQ2LKNNWG23TPOBYXE43UOV3HO6DZPI3TQOJQGEZA" | base32 -d
> > abcdefghijklmnopqrstuvwxyz789012[muks@naina ~]$ echo -n
>