Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-26 Thread Wes Hardaker
Paul Hoffman writes:

> >> During the development of the DoH standard, people from many DNS vendors (including the one you work for) contributed to the spec without objection in the WG.

[snip other comments]

One issue with the IETF specifications is that we allow for, and should allow

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-26 Thread John Levine
In article <57202511-6de3-4bea-b65e-afbcaff40...@bellis.me.uk> you write:

>(I meant UKNOF, not UKNOT)
>
>https://www.youtube.com/watch?v=3tMGD6J04Jk
>
>Sara took a *lot* of off-mic discussion after that session, too.

I gather mandatory DNS blocks like this are common throughout Europe, with

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-26 Thread Ray Bellis
On 26/11/2018 15:37, Paul Hoffman wrote:

> Ah! That is interesting to hear. Any links that you have to that would be greatly appreciated.

(I meant UKNOF, not UKNOT)

https://www.youtube.com/watch?v=3tMGD6J04Jk

Sara took a *lot* of off-mic discussion after that session, too. You may feel

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-26 Thread Paul Hoffman
On Nov 26, 2018, at 6:31 AM, Ray Bellis wrote:

> On 23/11/2018 16:45, Paul Hoffman wrote:
>
>> The current round of pushback, all of which appeared after the standard was finished, seems to mostly be coming from DNS vendors, not ISPs or DNS operators.
>
> There was _plenty_ of

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-26 Thread Ray Bellis
On 23/11/2018 16:45, Paul Hoffman wrote:

> The current round of pushback, all of which appeared after the standard was finished, seems to mostly be coming from DNS vendors, not ISPs or DNS operators.

There was _plenty_ of pushback when this got presented at UKNOT, especially among those ISPs

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-23 Thread Paul Hoffman
On Nov 23, 2018, at 2:45 AM, Vittorio Bertola wrote:

>> Please stop with the "IETF is disrupting" stuff. No one forces anyone to use DoT or DoH. Both were features that the user communities asked for, and the user communities will ask for changes when they get deployed.
> Which user

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-23 Thread Vittorio Bertola
> On 22 November 2018 at 17:26, Paul Hoffman <paul.hoff...@icann.org> wrote:
>
> DoH did not suddenly allow browser vendors to do something new: they've been able to do exactly what DoH is standardizing for more than 20 years. Saying that

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-22 Thread Paul Wouters
On Nov 22, 2018, at 19:29, Barry Raveendran Greene wrote:

> The “trade off” to move the DNS architecture away from residents to privacy is going to get people killed.

Since ISPs are doing this themselves already at large scale (use 8.8.8.8 instead of their own), I find the

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-22 Thread Paul Hoffman
On Nov 22, 2018, at 4:29 AM, Barry Raveendran Greene wrote:

> The irony is that this work is operationally destabilizing to the Internet and Telecom. We’re moving to an environment where the strength of a resilient ASN recovering communications in a disaster will be tested over and over

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-22 Thread Paul Hoffman
On Nov 22, 2018, at 2:03 AM, Vittorio Bertola wrote:

>> On 21 November 2018 at 21:17, Christian Huitema wrote:
>>
>> You make it sound like some aggressive attack, but it is a trade-off. The IETF is working to enhance the privacy of DNS users,
>
> I'd argue the opposite

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-22 Thread Barry Raveendran Greene
> On Nov 21, 2018, at 15:17, Christian Huitema wrote:
>
> You make it sound like some aggressive attack, but it is a trade-off. The IETF is working to enhance the privacy of DNS users, and the authenticity of DNS responses. Doing so inevitably affects the operations that relied on the

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-22 Thread Vittorio Bertola
> On 21 November 2018 at 21:17, Christian Huitema wrote:
>
> You make it sound like some aggressive attack, but it is a trade-off. The IETF is working to enhance the privacy of DNS users,

I'd argue the opposite - what the IETF is doing is in the overall reducing the privacy of

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-21 Thread Christian Huitema
On 11/20/2018 11:39 PM, Vittorio Bertola wrote:

>> On 21 November 2018 at 5:44, Christian Huitema wrote:
>>
>> Maybe. Over time various entities have developed control techniques that work by limiting which domains are resolved in a particular context, and how they are

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-20 Thread Vittorio Bertola
> On 21 November 2018 at 5:44, Christian Huitema wrote:
>
> Maybe. Over time various entities have developed control techniques that work by limiting which domains are resolved in a particular context, and how they are resolved. But at the same time, the DNS is a widely

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-20 Thread Paul Wouters
With dnssec yes. The publisher is then the only one in control. This is why it is so problematic that the browsers have pushed back instead of working with the dns people. When personal VPNs became a thing, it didn’t take long for 90% of the VPN “apps” to become malicious, redirecting DNS,

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-20 Thread Christian Huitema
On 11/20/2018 11:38 AM, Jacques Latour wrote:

> +1 & I don't like the path is going as well, and specifically from an enterprise security point of view. Having DNS resolution that can bypass traditional enterprise security mechanisms is adding another layer of complexity to manage, you

Re: [dns-privacy] [Doh] [Ext] DNS over HTTP/3?

2018-11-20 Thread Jacques Latour
tion in enterprise networks. I could go on, but I just want to say "I don't like the path is going".

Jack

-Original Message-
From: dns-privacy On Behalf Of Mukund Sivaraman
Sent: November 20, 2018 6:37 AM
To: dns-privacy@ietf.org
Subject: Re: [dns-privacy] [Doh] [Ext] DNS over H