[dns-privacy] Fwd: New Version Notification for draft-pp-recursive-authoritative-opportunistic-03.txt
Paul Hoffman <paul.hoffman@icann.org> Wed, 25 November 2020 21:51 UTC
Return-Path: <paul.hoffman@icann.org>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 728E23A1CDA for <dns-privacy@ietfa.amsl.com>; Wed, 25 Nov 2020 13:51:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id clJHdCuaLP9H for <dns-privacy@ietfa.amsl.com>; Wed, 25 Nov 2020 13:50:59 -0800 (PST)
Received: from ppa3.lax.icann.org (ppa3.lax.icann.org [192.0.33.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A6073A0B9C for <dns-privacy@ietf.org>; Wed, 25 Nov 2020 13:50:59 -0800 (PST)
Received: from MBX112-W2-CO-2.pexch112.icann.org (out.mail.icann.org [64.78.33.6]) by ppa3.lax.icann.org (8.16.0.42/8.16.0.42) with ESMTPS id 0APLov3N028191 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <dns-privacy@ietf.org>; Wed, 25 Nov 2020 21:50:58 GMT
Received: from MBX112-W2-CO-1.pexch112.icann.org (10.226.41.128) by MBX112-W2-CO-2.pexch112.icann.org (10.226.41.130) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.659.4; Wed, 25 Nov 2020 13:50:57 -0800
Received: from MBX112-W2-CO-1.pexch112.icann.org ([10.226.41.128]) by MBX112-W2-CO-1.pexch112.icann.org ([10.226.41.128]) with mapi id 15.02.0721.002; Wed, 25 Nov 2020 13:50:57 -0800
From: Paul Hoffman <paul.hoffman@icann.org>
To: DNS Privacy Working Group <dns-privacy@ietf.org>
Thread-Topic: New Version Notification for draft-pp-recursive-authoritative-opportunistic-03.txt
Thread-Index: AQHWw3UO8NCnRavhyUWw9vsc/i+QGg==
Date: Wed, 25 Nov 2020 21:50:57 +0000
Message-ID: <4FEF9216-E0C0-4893-9A57-39C0EB42F6AD@icann.org>
References: <160634062539.8716.8463088393130392274@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [192.0.32.234]
x-source-routing-agent: Processed
Content-Type: multipart/signed; boundary="Apple-Mail=_4113C443-3FB7-40F6-A070-DBBADE545F85"; protocol="application/pkcs7-signature"; micalg="sha-256"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.312, 18.0.737 definitions=2020-11-25_13:2020-11-25, 2020-11-25 signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/XBv5ep6R9H9xYW0s8SgWU-hO14k>
Subject: [dns-privacy] Fwd: New Version Notification for draft-pp-recursive-authoritative-opportunistic-03.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Nov 2020 21:51:00 -0000
Greetings again. Based on the request of the WG during last week's meeting, I have updated my draft to flesh out some of the ideas we discussed. As noted in the abstract and in the body of the draft, this version only proposes using pot-checking for discovery, even though that is not likely to be the final proposal. For those of you interested in the use case described in the document, please review and discuss how this might be improved. For those of you not interested in the use case described in the document, there was a few pleas during the WG meeting for fleshed-out drafts on fully authenticated encryption for DNS. --Paul Hoffman A new version of I-D, draft-pp-recursive-authoritative-opportunistic-03.txt has been successfully submitted by Paul Hoffman and posted to the IETF repository. Name: draft-pp-recursive-authoritative-opportunistic Revision: 03 Title: Recursive to Authoritative DNS with Opportunistic Encryption Document date: 2020-11-25 Group: Individual Submission Pages: 9 URL: https://www.ietf.org/archive/id/draft-pp-recursive-authoritative-opportunistic-03.txt Status: https://datatracker.ietf.org/doc/draft-pp-recursive-authoritative-opportunistic/ Htmlized: https://datatracker.ietf.org/doc/html/draft-pp-recursive-authoritative-opportunistic Htmlized: https://tools.ietf.org/html/draft-pp-recursive-authoritative-opportunistic-03 Diff: https://www.ietf.org/rfcdiff?url2=draft-pp-recursive-authoritative-opportunistic-03 Abstract: This document describes a use case and a method for a DNS recursive resolver to use opportunistic encryption (that is, encryption with optional authentication) when communicating with authoritative servers. The motivating use case for this method is that more encryption on the Internet is better, and opportunistic encryption is better than no encryption at all. The method here is optional for both the recursive resolver and the authoritative server. Nothing in this method prevents use cases and methods that require authenticated encryption. IMPORTANT NOTE: This version of the document describes discovery whether an authoritative server supports encryption using port- checking. This restriction is based on the request of the DPRIVE WG during its meeting at IETF 109. It is quite likely that the final protocol will include a better set of methods for such discovery.
- [dns-privacy] Fwd: New Version Notification for d… Paul Hoffman
- Re: [dns-privacy] [Ext] Fwd: New Version Notifica… Paul Hoffman