[dns-privacy] I-D Action: draft-ietf-dprive-opportunistic-adotq-01.txt
internet-drafts@ietf.org Mon, 22 February 2021 21:27 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/ZzRf2a_zSmexkbl2JdjS1inv4t0>

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the DNS PRIVate Exchange WG of the IETF.

        Title           : Recursive to Authoritative DNS with Encryption
        Authors         : Paul Hoffman
                          Peter van Dijk
        Filename        : draft-ietf-dprive-opportunistic-adotq-01.txt
        Pages           : 9
        Date            : 2021-02-22

Abstract:
   This document describes a use case and a method for a DNS recursive
   resolver to use either opportunistic encryption (that is, encryption
   with optional authentication) or fully-authenticated encryption when
   communicating with authoritative servers. The motivating use case
   for this method is that more encryption on the Internet is better,
   some resolver operators will only want to offer fully-authenticated
   encryption when encryption is available, and some resolver operators
   believe that opportunistic encryption is better than no encryption at
   all. The method described here is optional for both the recursive
   resolver and the authoritative server. This method supports both
   fully-authenticated encryption and opportunistic encryption using the
   same mechanism for discovery of encryption support and discovery of
   authenticated public keys for the server.

   IMPORTANT NOTE: This version of the document is completely different
   than the earlier version. It now covers both opportunistic and
   fully-authenticated encryption. It is in a very rough state, and
   there are many holes in the description.

The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dprive-opportunistic-adotq/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-dprive-opportunistic-adotq-01
https://datatracker.ietf.org/doc/html/draft-ietf-dprive-opportunistic-adotq-01

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dprive-opportunistic-adotq-01

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/