[dns-privacy] I-D Action: draft-ietf-dprive-opportunistic-adotq-01.txt
internet-drafts@ietf.org Mon, 22 February 2021 21:27 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: dns-privacy@ietf.org
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D3E733A205E; Mon, 22 Feb 2021 13:27:01 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: dns-privacy@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 7.26.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: dns-privacy@ietf.org
Message-ID: <161402922182.32521.239858429360343902@ietfa.amsl.com>
Date: Mon, 22 Feb 2021 13:27:01 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/ZzRf2a_zSmexkbl2JdjS1inv4t0>
Subject: [dns-privacy] I-D Action: draft-ietf-dprive-opportunistic-adotq-01.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Feb 2021 21:27:02 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the DNS PRIVate Exchange WG of the IETF.
Title : Recursive to Authoritative DNS with Encryption
Authors : Paul Hoffman
Peter van Dijk
Filename : draft-ietf-dprive-opportunistic-adotq-01.txt
Pages : 9
Date : 2021-02-22
Abstract:
This document describes a use case and a method for a DNS recursive
resolver to use either opportunistic encryption (that is, encryption
with optional authentication) or fully-authenticated encryption when
communicating with authoritative servers. The motivating use case
for this method is that more encryption on the Internet is better,
some resolver operators will only want to offer fully-authenticated
encryption when encryption is available, and some resolver operators
believe that opportunistic encryption is better than no encryption at
all. The method described here is optional for both the recursive
resolver and the authoritative server. This method supports both
fully-authenticate encryption and opportunistic encryption using the
same mechanism for discovery of encryption support and discovery of
authenticated public keys for the server.
IMPORTANT NOTE: This version of the document is completely different
than the earlier version. It now covers both opportunistic and
fully-authenticated encryption. It is in a very rough state, and
there are many holes in the description.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-dprive-opportunistic-adotq/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-dprive-opportunistic-adotq-01
https://datatracker.ietf.org/doc/html/draft-ietf-dprive-opportunistic-adotq-01
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-dprive-opportunistic-adotq-01
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [dns-privacy] I-D Action: draft-ietf-dprive-oppor… internet-drafts