Re: [dns-privacy] Root Server Operators Statement on DNS Encryption
Erik Kline <ek.ietf@gmail.com> Wed, 31 March 2021 00:08 UTC
Return-Path: <ek.ietf@gmail.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9A22F3A0B02 for <dns-privacy@ietfa.amsl.com>; Tue, 30 Mar 2021 17:08:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0a5T9c19jh1I for <dns-privacy@ietfa.amsl.com>; Tue, 30 Mar 2021 17:08:27 -0700 (PDT)
Received: from mail-oo1-xc2d.google.com (mail-oo1-xc2d.google.com [IPv6:2607:f8b0:4864:20::c2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CBDCF3A0A34 for <dprive@ietf.org>; Tue, 30 Mar 2021 17:08:26 -0700 (PDT)
Received: by mail-oo1-xc2d.google.com with SMTP id p2-20020a4aa8420000b02901bc7a7148c4so4198278oom.11 for <dprive@ietf.org>; Tue, 30 Mar 2021 17:08:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=0zEr/4yo/HVUah2kf7CcB0tmOrPUjb90oocstUK88EE=; b=I5HahEbUtCxErUtm+pI6EzPmThS0rB3AkkHD/W6BcvoDlx4/I+foEH5qmgiQNw2SHM 1RPnMju7JNSkQ3M8hQKWgRuGQrLFGsJy4idDTTyuIV3UeotM9S21OZ1bmOeVsHCDt/rq W2X9JOU+77bgXyU19BS2qhWLOV0bwUX7g/O7EYKbNVEUouYWzvMTmw+mM5QWZ33WKNnW EDNLLC1hrrYf1UESZIEPmFMovCZz80lInnPh8KVshXoGCXsyL3zNpGPLeRLAkwg0X89Q 5WfqP0Bz1Oa9U0WQv6dRPB5m6XGGT087d4zxdpfVFdmlf9ABuccSqnEZDLFROex5j+rs axRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0zEr/4yo/HVUah2kf7CcB0tmOrPUjb90oocstUK88EE=; b=hAEI0DdMUPdndvYYFa7xii31GYUu/2Rx4hRv7tq2x/os24eKfwKIJ6KpwYT6OPVBwW sjTIn0OuKfzp6t0740AWX6ZMou8CYn8qDfbvSr9JMJsRiStu2vPNuhQaorS1/o9ic0aj XOFQkEtjwxqoVES8FGORFHaA3LuZK6djmDGg20nz9d4fJiRgacAmqGs2gjDnL6v/eo3C 3YFsy8j1Kr/OHLfy/P97OtRTBR8qtUjwWliib7DkEFs1E9mHeCjD5dkUNfbiQTpvQoFO RCvaGIgncA12L+AZ4k8f9yqdY84DaFF7WTN/J5oA6XeqDR/uYm2xysfcG49s79DKUXGS V+Ww==
X-Gm-Message-State: AOAM533XrWA0ZM/1d/E/Re9uHiy09xmCbJnlaytgG/KHbuH5HuABlWjC dJ1MdN98ILJQL0xuH1EIxLLBw+xX2iP1nh4Qp6U=
X-Google-Smtp-Source: ABdhPJx2ix/UdDwPyG//UJDs9SNOmKasThzBbDegcY9SpMxSe3PU+3MWXqZadU6oWG46vScMtRSgqObGa8HVDpyWa7E=
X-Received: by 2002:a4a:244d:: with SMTP id v13mr456278oov.66.1617149304893; Tue, 30 Mar 2021 17:08:24 -0700 (PDT)
MIME-Version: 1.0
References: <c925da9089fa4b1e991ec74fc9c11e7f@verisign.com> <CAChr6Sxwao=FAcoeHMuOf0L=JCZ+wvhsr9BNZW_dbt+1=HWQwg@mail.gmail.com>
In-Reply-To: <CAChr6Sxwao=FAcoeHMuOf0L=JCZ+wvhsr9BNZW_dbt+1=HWQwg@mail.gmail.com>
From: Erik Kline <ek.ietf@gmail.com>
Date: Tue, 30 Mar 2021 17:08:14 -0700
Message-ID: <CAMGpriX5rbswMQnjh4gZqsLjh2xUJxjJVxe2rEAVu=RdLAbGFw@mail.gmail.com>
To: Rob Sayre <sayrer@gmail.com>
Cc: "Hollenbeck, Scott" <shollenbeck=40verisign.com@dmarc.ietf.org>, "dprive@ietf.org" <dprive@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ddf30405bec9e954"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/eGkSfZ7cGyyLvSr98IpBceYKMcQ>
Subject: Re: [dns-privacy] Root Server Operators Statement on DNS Encryption
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Mar 2021 00:08:38 -0000
On Tue, Mar 30, 2021 at 5:01 PM Rob Sayre <sayrer@gmail.com> wrote: > On Tue, Mar 30, 2021 at 7:49 AM Hollenbeck, Scott <shollenbeck= > 40verisign.com@dmarc.ietf.org> wrote: > >> This is worth reading: >> >> https://root-servers.org/media/news/Statement_on_DNS_Encryption.pdf > > > I am not sure I agree it is worth reading. > > Why can't "The Root Server Operators" run QUIC etc as well as their > existing UDP methods? > > thanks, > Rob > (no hats) >From my reading the answer, and the whole document, seems to be summarizable in this one excerpt: "Root Server Operators do not feel comfortable being the early adopters of authoritative DNS encryption and would like to first see increased deployment in other parts of the DNS hierarchy." Seems fair to me, for the time being.
- [dns-privacy] Root Server Operators Statement on … Hollenbeck, Scott
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Erik Kline
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Eric Rescorla
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Erik Kline
- Re: [dns-privacy] Root Server Operators Statement… Eric Rescorla
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Vladimír Čunát
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Frederico A C Neves
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Hollenbeck, Scott
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Vladimír Čunát
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Andrew Campling
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Andrew Campling
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Christian Huitema
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Tomas Krizek
- Re: [dns-privacy] Root Server Operators Statement… Petr Špaček
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Vittorio Bertola
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- [dns-privacy] DDoS resiliance & DNS-over-TCP (was… Shane Kerr
- Re: [dns-privacy] Root Server Operators Statement… Christian Huitema
- [dns-privacy] RFC7626 and risk/threat analysis Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… John Heidemann
- Re: [dns-privacy] Root Server Operators Statement… Wes Hardaker
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman