Re: [dns-privacy] Root Server Operators Statement on DNS Encryption
Rob Sayre <sayrer@gmail.com> Wed, 31 March 2021 21:39 UTC
Return-Path: <sayrer@gmail.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 774063A3823 for <dns-privacy@ietfa.amsl.com>; Wed, 31 Mar 2021 14:39:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eqwp5WOMuHrh for <dns-privacy@ietfa.amsl.com>; Wed, 31 Mar 2021 14:39:55 -0700 (PDT)
Received: from mail-il1-x131.google.com (mail-il1-x131.google.com [IPv6:2607:f8b0:4864:20::131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A17EA3A3828 for <dprive@ietf.org>; Wed, 31 Mar 2021 14:39:27 -0700 (PDT)
Received: by mail-il1-x131.google.com with SMTP id z9so334762ilb.4 for <dprive@ietf.org>; Wed, 31 Mar 2021 14:39:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ONfbPS70Ryt9H/yR3PwsIhS1r9bTzUGSOlNQWd1x3i0=; b=jUbGQ2CvyrLUB8MXEcKUmu/SaE5u+MaApkeyG1Q0udFMHjUGB5RfhiQOLcm1Cflveh OjCl5hS5gLUetDVpWfwHqPqClZqJ1X30cMDZ1xU8Go/D24wlL10A/UebexWHvBZjjPd1 1WGbQqSvV6tm9E9NGJrhAifgcXICXEGzUWIz/IirwsY5C44QDmZFD2+v3z0u5HXKx/HQ G3Yjd6UEnBznngrm42kccjqxixp8Zr/l7XmQpCZ3bylvEbxUvqsr4D9/sXFFLyscqF8t ATNxrodo61tJU+pvJQch4xzIwDxCuKR3/PtNMi1oRgqly6tpy/Xqf8fgSDV9WBS04EpN 3rDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ONfbPS70Ryt9H/yR3PwsIhS1r9bTzUGSOlNQWd1x3i0=; b=mAiVd6ut7LczsbcYlg4Ml77z62viphRBrxKJ2CYlwWKgNgali/h70p/mTk7FiIMC2T 34xEKaAU5StSheE3pHXeLC9XkkTiBK+UE248tZ/ICAryj0QqgEBVKO0wLJ0NgZamhpZ9 NsRwhvF3XmWha4ppJv3Zy11d85z9xoZUWGR7Ne4SYsGBBtavBWAhGm7/8ELt5a2l11Q9 HY82GuDkGOIiaNWQhtON1BcNI8JKg5ndrpJOXxFc89t+VMWO+P6U526nhMe9YivX1cPV kJBJjZLUWHas583ZK0uTnxLy4gwxhO+b+kOYM2AablVk/I7la6NA860HPNYkh5diMw7Q thgQ==
X-Gm-Message-State: AOAM532bIncLTk7kHxN8dE5WdCufRl2FqsC49fK9BeVSUXrSYNuyb5Oi c2zGHmdfQfFMcQeO8Qj+HeNo3puf19J0lH8l+us=
X-Google-Smtp-Source: ABdhPJyPVVP3HY3+PKhDfpCA070RVFLKIoN3vE0v1Hh0dkgh7OE8uiIKSMOa30l8YzdaUFdm5mxyr7uTisdq1wuOesc=
X-Received: by 2002:a92:d68c:: with SMTP id p12mr4279396iln.73.1617226765662; Wed, 31 Mar 2021 14:39:25 -0700 (PDT)
MIME-Version: 1.0
References: <c925da9089fa4b1e991ec74fc9c11e7f@verisign.com> <CAChr6Sxwao=FAcoeHMuOf0L=JCZ+wvhsr9BNZW_dbt+1=HWQwg@mail.gmail.com> <20210331091238.GA10597@nic.fr> <CAChr6SxPNVAZMYfZqF+K6Xf8FPGa9ZgHkL-uUvtKMEiJSPmp8Q@mail.gmail.com> <2607D274-936F-4A31-9E4D-EEBCF45BE838@pch.net> <CAChr6Szg+EbFqSpFPco8Gyb9pzNNnrSoQJcXTDVeg40_EXiPDg@mail.gmail.com> <4B1CCB51-C777-4434-B28E-76C22C12E4DA@pch.net> <CAChr6Sym=tm-vj-3FB-GbOG6U=U4CFsRE6yyWJk14waZQLbRiQ@mail.gmail.com> <ABD711DE-80CE-4B15-9153-82DA25E4F000@pch.net>
In-Reply-To: <ABD711DE-80CE-4B15-9153-82DA25E4F000@pch.net>
From: Rob Sayre <sayrer@gmail.com>
Date: Wed, 31 Mar 2021 14:39:14 -0700
Message-ID: <CAChr6Swfnc_s_-3TS6NuCzuqWduA-E6270x4uSLNGnTF+sLnmQ@mail.gmail.com>
To: Bill Woodcock <woody@pch.net>
Cc: "dprive@ietf.org" <dprive@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e37d8d05bedbf202"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/J8Ohb52LWuev_Uh8E_rOBBGht_Q>
Subject: Re: [dns-privacy] Root Server Operators Statement on DNS Encryption
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Mar 2021 21:39:59 -0000
On Wed, Mar 31, 2021 at 2:34 PM Bill Woodcock <woody@pch.net> wrote: > So you’re saying that we all need to go spend some non-negative number, > which, for us, is 3x-5x as much, in order that third parties should not > know the relative volume of recursor cache-misses with respect to different > TLDs? > > Why is this something I would want to spend my money to achieve, when > there are problems that aren’t hypothetical, and for which there are real > live constituents, on which I could spend the money instead? > I think it's fine if you don't want to implement any given IETF RFC. Plenty of other businesses have found the cost of encryption to be negligible on modern networking stacks, especially for long-lived TLS connections. Your business might be different--you know best there. thanks, Rob
- [dns-privacy] Root Server Operators Statement on … Hollenbeck, Scott
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Erik Kline
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Eric Rescorla
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Erik Kline
- Re: [dns-privacy] Root Server Operators Statement… Eric Rescorla
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Vladimír Čunát
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Frederico A C Neves
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Hollenbeck, Scott
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Vladimír Čunát
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Tomas Krizek
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Andrew Campling
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Andrew Campling
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Christian Huitema
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Petr Špaček
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Vittorio Bertola
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- [dns-privacy] DDoS resiliance & DNS-over-TCP (was… Shane Kerr
- Re: [dns-privacy] Root Server Operators Statement… Christian Huitema
- [dns-privacy] RFC7626 and risk/threat analysis Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… John Heidemann
- Re: [dns-privacy] Root Server Operators Statement… Wes Hardaker
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman