[Add] Fwd: New Version Notification for draft-reddy-add-server-policy-selection-01.txt

tirumal reddy <kondtir@gmail.com> Fri, 10 April 2020 06:39 UTC

From: tirumal reddy <kondtir@gmail.com>
Date: Fri, 10 Apr 2020 12:08:46 +0530
Message-ID: <CAFpG3gdDp_c1N8Pb_4nqpwzQs92KFsSsnQVyzJA0KSpzU__nYA@mail.gmail.com>
To: ADD Mailing list <add@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/llMpU46X8lCS4-dY8TeMQrhgwAs>
Subject: [Add] Fwd: New Version Notification for draft-reddy-add-server-policy-selection-01.txt

Hi all,

We prepared an updated version of
https://tools.ietf.org/html/draft-reddy-add-server-policy-selection-01 to
highlight how a DNS client can cryptographically identify it is connecting
to a DoT/DoH server hosted by a specific organization (e.g., ISP). It is
particularly useful when the DoH/DoT server is insecurely discovered and
prevents the client from connecting to an attacker's server.

As a reminder, it also defines a mechanism for a DNS server to communicate
its filtering policy and privacy statement URL to DNS clients. This
information is cryptographically signed to attest its authenticity.

Cheers,
-Tiru

---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Fri, 10 Apr 2020 at 11:26
Subject: New Version Notification for draft-reddy-add-server-policy-selection-01.txt
To: Dan Wing <dwing-ietf@fuggles.com>, Tirumaleswar Reddy.K <kondtir@gmail.com>, Michael C. Richardson <mcr+ietf@sandelman.ca>, Mohamed Boucadair <mohamed.boucadair@orange.com>



A new version of I-D, draft-reddy-add-server-policy-selection-01.txt
has been successfully submitted by Tirumaleswar Reddy and posted to the
IETF repository.

Name:           draft-reddy-add-server-policy-selection
Revision:       01
Title:          DNS Server Selection: DNS Server Information with Assertion Token
Document date:  2020-04-09
Group:          Individual Submission
Pages:          23
URL:            https://www.ietf.org/internet-drafts/draft-reddy-add-server-policy-selection-01.txt
Status:         https://datatracker.ietf.org/doc/draft-reddy-add-server-policy-selection/
Htmlized:       https://tools.ietf.org/html/draft-reddy-add-server-policy-selection-01
Htmlized:       https://datatracker.ietf.org/doc/html/draft-reddy-add-server-policy-selection
Diff:           https://www.ietf.org/rfcdiff?url2=draft-reddy-add-server-policy-selection-01

Abstract:
   The document defines a mechanism that allows communication of DNS
   resolver information to DNS clients for use in selection decisions.
   In particular, the document defines a mechanism for a DNS server to
   communicate its filtering policy and privacy statement URL to DNS
   clients.  This information is cryptographically signed to attest its
   authenticity.  Such information is used for the selection of DNS
   resolvers.  Typically, evaluating the DNS privacy statement,
   filtering policy, and the signatory, DNS clients with minimum human
   intervention can select the DNS server that best supports the user's
   desired privacy and filtering policy.

   This assertion is useful for DNS-over-TLS and DNS-over-HTTPS servers
   that are either public resolvers or are discovered in a local
   network.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat