Re: [BEHAVE] RFC6147 and RFC7208 interoperability issues

Klaus Frank <klaus.frank@posteo.de> Mon, 07 February 2022 18:39 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/behave/zqiKZqCcEK5y0FOxTyk3rGT6pRU>

Cloudflare and Google both also have DNS64 resolvers exactly for that 
reason...

On 2022-02-07 19:03, Christian Huitema wrote:
> Maybe. But the situation has changed since April 2011. ISPs cannot any 
> more assume that all hosts will be using the resolver embedded in the 
> NAT64 gateway -- some hosts, or some applications, may very well use 
> some alternate encrypted DNS service, e.g., using DoH and connect to 
> Quad9, Cloudflare or Google. The cases described in section 6 of 
> RFC6147 are going to be more and