Re: [dns-privacy] I-D Action: draft-ietf-dprive-dns-over-tls-00.txt

Warren Kumari <warren@kumari.net> Fri, 18 September 2015 21:04 UTC

In-Reply-To: <ED605611-C613-415B-B46A-C31CDA693218@verisign.com>
References: <20150918202150.7868.46636.idtracker@ietfa.amsl.com> <ED605611-C613-415B-B46A-C31CDA693218@verisign.com>
Date: Fri, 18 Sep 2015 17:03:58 -0400
Message-ID: <CAHw9_iLGk+qowdAHd9rea9jdDwQ0mmyHghDs_z6VY=+ZV2JM-g@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
To: "Wessels, Duane" <dwessels@verisign.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/TlA4Xuu3c1z3A7gp-Gc3xSJNPEU>
Cc: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Subject: Re: [dns-privacy] I-D Action: draft-ietf-dprive-dns-over-tls-00.txt

On Fri, Sep 18, 2015 at 4:34 PM, Wessels, Duane <dwessels@verisign.com> wrote:
> This is an update to the draft formerly named draft-ietf-dprive-start-tls-for-dns-01.  If searching mail archives for previous discussion of this draft you may need to use the former name.
>

Thank you authors.

We would appreciate it if the WG could do a careful review of this
document and point out the issues, inconsistencies, errors and
omissions. We'd like to get things rolling along somewhat faster than
we have been...

W


> The former draft described two approaches to establishing a DNS-over-TLS session: upgrade-based (aka STARTTLS for DNS) and port-based.  In this new version we have removed the upgrade-based approach and describe only the use of a well-known port.
>
> The URL below will show the differences between this and the previous document.
>
> http://tools.ietf.org//rfcdiff?url1=https://tools.ietf.org/id/draft-ietf-dprive-start-tls-for-dns-01.txt&url2=https://tools.ietf.org/id/draft-ietf-dprive-dns-over-tls-00.txt
>
> DW
>
>
>
>
>> On Sep 18, 2015, at 1:21 PM, internet-drafts@ietf.org wrote:
>>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts directories.
>> This draft is a work item of the DNS PRIVate Exchange Working Group of the IETF.
>>
>>        Title           : DNS over TLS: Initiation and Performance Considerations
>>        Authors         : Zi Hu
>>                          Liang Zhu
>>                          John Heidemann
>>                          Allison Mankin
>>                          Duane Wessels
>>                          Paul Hoffman
>>       Filename        : draft-ietf-dprive-dns-over-tls-00.txt
>>       Pages           : 17
>>       Date            : 2015-09-18
>>
>> Abstract:
>>   This document describes the use of TLS to provide privacy for DNS.
>>   Encryption provided by TLS eliminates opportunities for eavesdropping
>>   on DNS queries in the network, such as discussed in RFC 7258.  In
>>   addition, this document specifies two usage profiles for DNS-over-TLS
>>   and provides advice on performance considerations to minimize
>>   overhead from using TCP and TLS with DNS.
>>
>>   Note: this document was formerly named
>>   draft-ietf-dprive-start-tls-for-dns.  Its name has been changed to
>>   better describe the mechanism now used.  Please refer to working
>>   group archives under the former name for history and previous
>>   discussion.  [RFC Editor: please remove this paragraph prior to
>>   publication]
>>
>>
>> The IETF datatracker status page for this draft is:
>> https://datatracker.ietf.org/doc/draft-ietf-dprive-dns-over-tls/
>>
>> There's also a htmlized version available at:
>> https://tools.ietf.org/html/draft-ietf-dprive-dns-over-tls-00
>>
>>
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>>
>> _______________________________________________
>> dns-privacy mailing list
>> dns-privacy@ietf.org
>> https://www.ietf.org/mailman/listinfo/dns-privacy
>



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
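The draft announced above replaces STARTTLS-style upgrade with initiation on a dedicated port, keeps DNS-over-TCP framing (a two-octet length prefix per message), and defines two usage profiles plus the need to verify the server. The following client is an added example, not code from the draft, its authors, or anyone in this thread. It assumes port 853 (the port RFC 7858 later assigned; the draft-00 announced here only says "well-known port"), and it models the two profiles as an "authenticated" context that verifies the server certificate and hostname versus an "opportunistic" one that encrypts without authenticating; those labels and the function names are my own. Only the framing and header code runs offline; `query_over_tls` needs a live DNS-over-TLS server.

```python
"""DNS-over-TLS client framing: connect to the dedicated port, complete the TLS
handshake first, then exchange length-prefixed DNS messages exactly as over TCP.
Added example; the port and the profile labels are assumptions noted below."""
import secrets
import socket
import ssl
import struct
from typing import List, Optional, Tuple

# Assumption: 853 is the port later assigned by RFC 7858; draft-00 says only "well-known port".
DOT_PORT = 853


def build_query(qname: str, qtype: int = 1, txid: Optional[int] = None) -> bytes:
    """Encode a single-question DNS query: 12-byte header, QNAME labels, QTYPE, QCLASS=IN."""
    if txid is None:
        txid = secrets.randbits(16)          # unpredictable ID, as any resolver should use
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags: RD=1; QDCOUNT=1
    labels = b""
    for label in qname.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("DNS labels must be 1..63 octets")
        labels += bytes([len(raw)]) + raw
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)


def frame(msg: bytes) -> bytes:
    """Prefix a DNS message with its 16-bit big-endian length (DNS over TCP, hence over TLS)."""
    if len(msg) > 0xFFFF:
        raise ValueError("message too long for the 16-bit length prefix")
    return struct.pack("!H", len(msg)) + msg


def unframe(stream: bytes) -> Tuple[List[bytes], bytes]:
    """Split a TLS/TCP byte stream into complete DNS messages; return (messages, leftover).
    A partial trailing message is left in the buffer for the next recv()."""
    msgs: List[bytes] = []
    while len(stream) >= 2:
        (n,) = struct.unpack("!H", stream[:2])
        if len(stream) < 2 + n:
            break
        msgs.append(stream[2:2 + n])
        stream = stream[2 + n:]
    return msgs, stream


def parse_header(msg: bytes) -> dict:
    """Decode the fixed DNS header fields a client needs to match and classify a reply."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": flags >> 15, "rcode": flags & 0xF, "qdcount": qd, "ancount": an}


def tls_context(authenticated: bool) -> ssl.SSLContext:
    """Authenticated profile: verify certificate chain and hostname, so an active attacker
    cannot impersonate the resolver. Opportunistic profile: encrypt but do not authenticate,
    which only defeats passive eavesdropping. (Profile labels are this example's own.)"""
    ctx = ssl.create_default_context()
    if not authenticated:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def query_over_tls(server: str, qname: str, authenticated: bool = True,
                   server_name: Optional[str] = None) -> dict:
    """Network path (not exercised offline): TLS handshake on DOT_PORT, then framed DNS."""
    ctx = tls_context(authenticated)
    with socket.create_connection((server, DOT_PORT), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=server_name or server) as tls:
            q = build_query(qname)
            tls.sendall(frame(q))
            buf, msgs = b"", []
            while not msgs:
                chunk = tls.recv(4096)
                if not chunk:
                    raise ConnectionError("server closed the connection before replying")
                buf += chunk
                msgs, buf = unframe(buf)
            resp = parse_header(msgs[0])
            if resp["id"] != struct.unpack("!H", q[:2])[0]:
                raise ValueError("transaction ID mismatch: reply does not belong to this query")
            return resp
```

The order matters for the port-based design: nothing DNS-shaped crosses the wire until the TLS handshake has completed, which is what removes the downgrade window a STARTTLS-style upgrade would have had. Whether the handshake actually authenticates the resolver is decided entirely by `tls_context`; an opportunistic connection still looks encrypted on the wire but gives no protection against an on-path impersonator.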