Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

[🔓Dan Wing <dwing@cisco.com>]

On 20-May-2015 07:40 am, Bob Harold <rharolde@umich.edu> wrote: 
> 
> 
> On Wed, May 20, 2015 at 10:03 AM, Tim Wicinski <tjw.ietf@gmail.com <mailto:tjw.ietf@gmail.com>> wrote:
> During the previous Call for Adoption a number of participants expressed interest in adopting this work.  WG members felt it needed some improvements, but thought it had potential. The authors addressed the issues and feel it meets what the working group was seeking, and have requested that we initiate a call for adoption.
> 
> If the working group adopts this document, it only means it wishes to study this solution more carefully.  The working group may still determine to not move forward with it.
> 
> The draft is available here: https://datatracker.ietf.org/doc/draft-wing-dprive-dnsodtls/ <https://datatracker.ietf.org/doc/draft-wing-dprive-dnsodtls/>
> Please review this draft to see if you think it is suitable for adoption by , and comments to the list, clearly stating your view.
> 
> Please also indicate if you are willing to contribute text, review, etc.
> 
>  
> I support adoption, and I will review.
> 
> I am unclear on Page 5
> 6.  Demultiplexing, Polling, Port Usage, and Discovery
> 
> "After performing the above steps, the host should determine if the
>    DNS server supports DNSoD by sending a DTLS ClientHello message."
> 
> It is unclear to me what the "above steps" actually refers to.  Can you clarify?

Section 6 suggests how a DNSoDTLS client can determine that its connected network will work with DNSoDTLS.  The exact method and algorithm will require more discussion in the WG, especially to balance the needs for security and interoperability against implementation flexibility.

-d