Re: [Add] New Version Notification for draft-reddy-add-server-policy-selection-03.txt
tirumal reddy <kondtir@gmail.com> Tue, 23 June 2020 06:11 UTC
Return-Path: <kondtir@gmail.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54AE43A179A for <add@ietfa.amsl.com>; Mon, 22 Jun 2020 23:11:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cYqn5xaSt8Dw for <add@ietfa.amsl.com>; Mon, 22 Jun 2020 23:11:31 -0700 (PDT)
Received: from mail-io1-xd2c.google.com (mail-io1-xd2c.google.com [IPv6:2607:f8b0:4864:20::d2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C3BCD3A1799 for <add@ietf.org>; Mon, 22 Jun 2020 23:11:31 -0700 (PDT)
Received: by mail-io1-xd2c.google.com with SMTP id y2so4499533ioy.3 for <add@ietf.org>; Mon, 22 Jun 2020 23:11:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=E/cwJ4sQO90rkf2Fd7LBv97GEppKzOb7Ajz2Op4hIfk=; b=Ub9gDGW34ZLA38kqq9Mkn5Dkw4EWHg8ITdR9/Atr6wOyWiPmz67yYZfFutm3GrJTzS kGyJVQj5PJ2NVD3yeFB0sXN3bySkKigDAYWZd2lj/tttkt6uy0XEGyGxz39Z1wm9ay2R iXmaEL+uKy7jNknkQmCvA8f1rcfVUW6N9GoxWIddqpVJAurYnRny8yl+9ezj1qv8QQQe W+3Kyr/c5d+Cg6/t5DkRUWdvJ9tNzqWdPcQvNiA1djTz1c8XdLst+TMTfbQg7njxnWL4 R2IzYiycZQdXM9UcdrjkGp9ooY+Tnwyz8VaKjsuvZaOCoMh2xlYMqdioSRtx5MphZBZO py4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=E/cwJ4sQO90rkf2Fd7LBv97GEppKzOb7Ajz2Op4hIfk=; b=eRg8fFB4XjimFk2TZvB2j3aFj9OahzHY3DiJ8Ip0LJhm6afhpzZvq+rrwuxjWWVj45 OwCZ4BRipLSmMKxo4DPMCCFzKsxhx4RJbT2siRAJOpt+kVgqFIma/+VKVLzqeqAjrYBo rP6mnbqthyRSUPenp7L4b8xAzJjwGgMo+oNBtjan9Lm2GNUF9SlmDPXmyp+eA+uoT7Y8 +L4FEwtJfT6ufYdAQLqKBXErCS29AoVNdC4M1w74jF+yUsTWqtUlvkGU9RM033QEfAnb xHGN2PJ8U7FqZ123x1Ju2XN3ifoLvvmplZbcoBcVgVYN/g/SGdLxsG+cNz+dOnWwPUB6 N4MA==
X-Gm-Message-State: AOAM533lRxremmaDX+okJ8Ogi7lmdVYO4VU2Iosn02uARQ++hzbR2LRV PyOZdIn9v7tMV86WP54chgDotDlk8ejMRA2PXQT8BIa4Iwc=
X-Google-Smtp-Source: ABdhPJzsiN28bzN+0kk+Ow2l8NAX6AJOV7QvAwVIez8ZRVFLlVgzIcAnkxzpjfEex9i64jRiknvyRG0CkN0mks79x+w=
X-Received: by 2002:a05:6602:2c0a:: with SMTP id w10mr23471562iov.46.1592892690684; Mon, 22 Jun 2020 23:11:30 -0700 (PDT)
MIME-Version: 1.0
References: <159247351170.10058.420472825533339226@ietfa.amsl.com>
In-Reply-To: <159247351170.10058.420472825533339226@ietfa.amsl.com>
From: tirumal reddy <kondtir@gmail.com>
Date: Tue, 23 Jun 2020 11:41:19 +0530
Message-ID: <CAFpG3gcj9PUkLMiJHtvhyoTJ3pGSbpgEuhwDTPTxk5YTpSfLdg@mail.gmail.com>
To: ADD Mailing list <add@ietf.org>
Cc: Dan Wing <dwing-ietf@fuggles.com>, "Michael C. Richardson" <mcr+ietf@sandelman.ca>, Mohamed Boucadair <mohamed.boucadair@orange.com>
Content-Type: multipart/alternative; boundary="000000000000fe5f8105a8ba3a23"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/Jr84GvMcevP7o3otAbeRktmY_JI>
Subject: Re: [Add] New Version Notification for draft-reddy-add-server-policy-selection-03.txt
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Jun 2020 06:11:33 -0000
Hi all, We prepared an updated version of https://tools.ietf.org/html/draft-reddy-add-server-policy-selection-03 to address comments from Vittorio. The draft has been updated to provide the reasons for filtering (1) malware (2) phishing (3) block-list due to a policy by the operator of the DNS server (4) censored blocking based on a requirement from an external entity. As a reminder, it discusses how a DNS client can authenticate it is connecting to a DoH/DoT server hosted by a specific organization (e.g., ISP). This information is cryptographically signed to attest its authenticity. It is particularly useful when the DoH/DoT server is insecurely discovered and prevents the client from connecting to an attackers server. Comments and suggestions are more than welcome. Cheers, -Tiru On Thu, 18 Jun 2020 at 15:15, <internet-drafts@ietf.org> wrote: > > A new version of I-D, draft-reddy-add-server-policy-selection-03.txt > has been successfully submitted by Tirumaleswar Reddy and posted to the > IETF repository. > > Name: draft-reddy-add-server-policy-selection > Revision: 03 > Title: DNS Server Selection: DNS Server Information with > Assertion Token > Document date: 2020-06-17 > Group: Individual Submission > Pages: 24 > URL: > https://www.ietf.org/internet-drafts/draft-reddy-add-server-policy-selection-03.txt > Status: > https://datatracker.ietf.org/doc/draft-reddy-add-server-policy-selection/ > Htmlized: > https://tools.ietf.org/html/draft-reddy-add-server-policy-selection-03 > Htmlized: > https://datatracker.ietf.org/doc/html/draft-reddy-add-server-policy-selection > Diff: > https://www.ietf.org/rfcdiff?url2=draft-reddy-add-server-policy-selection-03 > > Abstract: > The document defines a mechanism that allows communication of DNS > resolver information to DNS clients for use in server selection > decisions. In particular, the document defines a mechanism for a DNS > server to communicate its filtering policy and privacy statement URL > to DNS clients. This information is cryptographically signed to > attest its authenticity. Such information is used for the selection > of DNS resolvers. Typically, evaluating the DNS privacy statement, > filtering policy, and the signatory, DNS clients with minimum human > intervention can select the DNS server that best supports the user's > desired privacy and filtering policy. > > This assertion is useful for encrypted DNS (e.g., DNS-over-TLS and > DNS-over-HTTPS) servers that are either public resolvers or are > discovered in a local network. > > > > > Please note that it may take a couple of minutes from the time of > submission > until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > >
- Re: [Add] New Version Notification for draft-redd… tirumal reddy