Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients
"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Mon, 11 March 2019 15:07 UTC
Return-Path: <TirumaleswarReddy_Konda@mcafee.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6F0E13116E; Mon, 11 Mar 2019 08:07:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p5M6bDWblXMC; Mon, 11 Mar 2019 08:07:34 -0700 (PDT)
Received: from DNVWSMAILOUT1.mcafee.com (dnvwsmailout1.mcafee.com [161.69.31.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06ED213115A; Mon, 11 Mar 2019 08:07:33 -0700 (PDT)
X-NAI-Header: Modified by McAfee Email Gateway (5500)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=s_mcafee; t=1552316645; h=From: To:CC:Subject:Thread-Topic:Thread-Index:Date: Message-ID:References:In-Reply-To:Accept-Language: Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: dlp-product:dlp-version:dlp-reaction:authentication-results: x-originating-ip:x-ms-publictraffictype:x-ms-office365-filtering-correlation-id: x-microsoft-antispam:x-ms-traffictypediagnostic: x-ms-exchange-purlcount:x-microsoft-exchange-diagnostics: x-microsoft-antispam-prvs:x-forefront-prvs: x-forefront-antispam-report:received-spf:x-ms-exchange-senderadcheck: x-microsoft-antispam-message-info:Content-Type: MIME-Version:X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-Transport-CrossTenantHeadersStamped: X-OriginatorOrg:X-NAI-Spam-Flag:X-NAI-Spam-Threshold: X-NAI-Spam-Score:X-NAI-Spam-Version; bh=Z V9XPsCyUZuIWfK0U6j3XMQOeb/v+WwEDuGz1+isEz k=; b=drM6eFNwjdbpq6lRTVJpYvZv1B2k1zDHxpde8MwtHI8Z xiiSRPc0MdObACqTvqs/C0gwH881ZIslQjHggnVupHEbMeV36+ Llp+cf05DNGKfLgsDrNetJNNZ9D+uzPP47QHwelQlfL8pdVdBU rFf3mABNP1W1xqkruzJ+O+pkomU=
Received: from DNVEXAPP1N06.corpzone.internalzone.com (unknown [10.44.48.90]) by DNVWSMAILOUT1.mcafee.com with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-SHA384) id 4d23_2773_afb60513_be75_48fd_9cec_d2c84b98a6cd; Mon, 11 Mar 2019 09:04:04 -0600
Received: from DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) by DNVEXAPP1N06.corpzone.internalzone.com (10.44.48.90) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 11 Mar 2019 09:06:55 -0600
Received: from DNVO365EDGE2.corpzone.internalzone.com (10.44.176.74) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Mon, 11 Mar 2019 09:06:55 -0600
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (10.44.176.243) by edge.mcafee.com (10.44.176.74) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Mon, 11 Mar 2019 09:06:54 -0600
Received: from BYAPR16MB2790.namprd16.prod.outlook.com (20.178.233.91) by BYAPR16MB2534.namprd16.prod.outlook.com (20.177.225.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.21; Mon, 11 Mar 2019 15:06:53 +0000
Received: from BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::9c48:452b:e39c:ef39]) by BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::9c48:452b:e39c:ef39%2]) with mapi id 15.20.1686.021; Mon, 11 Mar 2019 15:06:53 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: nalini elkins <nalini.elkins@e-dco.com>, Paul Vixie <paul@redbarn.org>
CC: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "doh@ietf.org" <doh@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, Christian Huitema <huitema@huitema.net>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>, "Ackermann, Michael" <mackermann@bcbsm.com>
Thread-Topic: [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients
Thread-Index: AQHU18EUlfcZSGs9J0KNFyMWu+pdj6YF5gQAgAACz4CAAJwPEA==
Date: Mon, 11 Mar 2019 15:06:53 +0000
Message-ID: <BYAPR16MB279065EE519680E7FC9A637CEA480@BYAPR16MB2790.namprd16.prod.outlook.com>
References: <1700920918.12557.1552229700654@appsuite.open-xchange.com> <7667c4d7-2e78-0a27-84af-cf1c00fd4897@cs.tcd.ie> <1991054337.12802.1552259263075@appsuite.open-xchange.com> <eea64b30-aad0-a030-5360-1b1484f1d0e3@huitema.net> <CAPsNn2WhjHSEHJUEL8GB6X0d24fkajgPnY4YgkOQbXjyxb5q8Q@mail.gmail.com> <e62efaf3-4a35-4a52-5ed4-dee2e7fafe72@huitema.net> <69f989ba-0939-b917-b586-9e3af3fb8b74@redbarn.org> <CAPsNn2XNCzgAdfJtxBVboAe+d6sbCiV2fZv9185wm+HN+3zRdg@mail.gmail.com>
In-Reply-To: <CAPsNn2XNCzgAdfJtxBVboAe+d6sbCiV2fZv9185wm+HN+3zRdg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.2.0.6
dlp-reaction: no-action
authentication-results: spf=none (sender IP is ) smtp.mailfrom=TirumaleswarReddy_Konda@McAfee.com;
x-originating-ip: [49.37.203.5]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cddb0001-2a1b-423f-1f14-08d6a63331fb
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:BYAPR16MB2534;
x-ms-traffictypediagnostic: BYAPR16MB2534:
x-ms-exchange-purlcount: 2
x-microsoft-exchange-diagnostics: 1;BYAPR16MB2534;23:S6ASkrD1sZYPl+BvyYxgwXwbqZTHQtHCiXHAu/1s66+BNA4exQ7yWWTH3NH/I/HC8p7IuzEfBsdScO3nNfvxkA+af4dV+Upq1ccklO2IQGen72ybUKqK9pzAfWWVLo0apbTX6iqxCEGscYUiMaBXEU9ut8iQv1Z+AXCm26Qk7P5Hr4iXCdgg1N4Sk8tHEz7MYM8lNVpumCcBjnBRN2qwfcSQPsWTO4ElMFocY4Xd6k/GlSx8NyNYHCWODXTjpdTuW+LD+DbaYH2JpdjIiHZsjTUA50Jj9qQoXh+grI8g+d2oqHS+MM1TfTI+B6bsdo2nmst1AXRnZQa/uKM5k/dJJE1DTCf+wAV2hVX//4iHJd0p+EW9LULM4ehlK8R8L37P7epqSsGI86oVwt2e5x0M8DRDC35Vt1WoaTWj2XqoQU+eeirmHOIzhY7RIjDAFOZxFOAurHdaoD503R4OdJoiu9gXLCfHgELEVDR3Haa28vg1w3BUbj91dygZmKEPqOxLVVzgByC0gMB6jiqrddtOVdyr9/xbPzEr2XF2KjqrfgA/VH1+M62gaT4ky8aT8fRCWKslL92AWgBwQJa+XBQh5He0W+7E29m/8Trl0uiIoiTzXh1BcSUcSynJCIyGtfRaEta/SO9jq4lv0Mx7mxxrM1BcORYbtyrxhP1LpBUOn/H/q//mAFjHAvzSzuW8aVfpsYg4V3V667NYQMpTCJSaRgdcHerUOs4I010LQBmgV9jJlM6nYAsDSHviWI4Y7e48HvPvZe9ztHQRQ8zlp+lGuJ5fW9lXI8Vaab110JGjzm9QctyG6Ss+zLS0tT27N+Y+KiLkRzMyQicimf7w/h+B8gM+Mcxv0JcKJoHTmpq9B3nxkTbkQ95MGRh56UU4p6KL4hpEhk8bnbVnCk3Rd6WYJ0paWJMz56EESjLTcgO8TKSWaoDtR+slVXr8Hc0eQ6mQUYT0kjPjuhMvInwQYWk5zr99zV+gSgyJwMeFNT3OTgRBbWoTEdweoLdjD2ej8iLmwoD5VVBzyZTekjJN5s3BEulJvte+lw0+3+NqPLec0txOZn2Udchg1VMnSH1WeqsCdCvzVRGjkQcJcKluHtG+/HP45+QaFIFsGRJ7+I8GINSi3h5LTui6Ui+qmEXl+eRF5dne4pqiz2aTc7CkDSo+YUotJtlxLhpwrNL6CUq/vGagHqOgJcG9AIuB/WbRXI5PV9hgLvKj1gQANBp5FmxIj6A7EL3acOSA7kat5ZaLrasWChp2QmeVwG7K7WVjxKIOEtqRGWuHcWmZl7NUQIxmJssyll0I+bS+LfOSRse8P0Erj9HZvZsTIzFGeL13bMW784sdD645lipKyzy3jO+JZeM3Z/wWtsuQ0Ls6mXxO0Z41qnn8bGJQ/JOty+In1NEelyn6WwlY0TuZwA0Lehq5pf0XADOKkjmW2BzzIBNsso+G/SBaQfHxg0Z98lsz9KzwLITYn+ATx+iaorTOZ/RNjyO0wtCQaXbe3AgIJlWjpAwLMPv5Wz6FvjtsWKocM2zg
x-microsoft-antispam-prvs: <BYAPR16MB2534CB10390474F748E40680EA480@BYAPR16MB2534.namprd16.prod.outlook.com>
x-forefront-prvs: 09730BD177
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(376002)(396003)(366004)(39860400002)(346002)(136003)(199004)(189003)(32952001)(316002)(105586002)(53936002)(102836004)(66066001)(76176011)(33656002)(7696005)(54906003)(110136005)(606006)(186003)(99286004)(6506007)(106356001)(71190400001)(71200400001)(53546011)(6246003)(4326008)(2906002)(8936002)(14454004)(8676002)(229853002)(81166006)(81156014)(80792005)(26005)(68736007)(7736002)(97736004)(54896002)(72206003)(966005)(52536013)(790700001)(74316002)(53386004)(86362001)(5660300002)(476003)(478600001)(6116002)(236005)(93886005)(3846002)(25786009)(446003)(486006)(256004)(5024004)(14444005)(11346002)(6436002)(66574012)(6306002)(55016002)(9686003)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR16MB2534; H:BYAPR16MB2790.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: McAfee.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: teVwJn81MqvgBQ0yhGH2exmiguzpV8MC4X1LGsrRkNbazuBkX0X6f2drIq20QMfiVBj23NjBLYj6JBgbr0QaWZnGX16ni2bTubu+UiVUyRaub8zebd47njFzR/49XpiMGqKMmKlbAycvO2V1k8WMCz9BPB8axW6KM4xNzVWZiqhliAbyH49Burt84Zh5wJdPmRBuH6UEYIfoK4MPl/ruLKGFm0FXFRaA/aeiUS8bhFouBVoX0h8CuSjblODiHfzrFYR5c7a/zDaVDe6gme/9I78PxpmTzbuZWxO9fss3L2aVX+67lBXYBipe/x+sZV4IBAU0G2VTRPrSJA6Ty1jmU7z9uc9ELCDeqWDFIOin/wFhqu732rNjislp/XQiS178K5amOpWtonw+Mz7/mPB7swJZroHWbJcL5eBxAtIjBZg=
Content-Type: multipart/alternative; boundary="_000_BYAPR16MB279065EE519680E7FC9A637CEA480BYAPR16MB2790namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: cddb0001-2a1b-423f-1f14-08d6a63331fb
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Mar 2019 15:06:53.0677 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR16MB2534
X-OriginatorOrg: mcafee.com
X-NAI-Spam-Flag: NO
X-NAI-Spam-Threshold: 15
X-NAI-Spam-Score: 0
X-NAI-Spam-Version: 2.3.0.9418 : core <6500> : inlines <7030> : streams <1815404> : uri <2810816>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/jaU6Vq-AioMXtXMxt7S7NqEgb-Y>
Subject: Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2019 15:07:42 -0000
Please see inline [TR] From: dns-privacy <dns-privacy-bounces@ietf.org> On Behalf Of nalini elkins Sent: Monday, March 11, 2019 11:05 AM To: Paul Vixie <paul@redbarn.org> Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>; doh@ietf.org; dnsop@ietf.org; Christian Huitema <huitema@huitema.net>; dns-privacy@ietf.org; Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>; Ackermann, Michael <mackermann@bcbsm.com> Subject: Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients CAUTION: External email. Do not click links or open attachments unless you recognize the sender and know the content is safe. ________________________________ Paul, > (yes, i will be part of a major new project to identify and block all DoH services, so > that behavioural security policies can still work, because you may have > noticed that the internet has never become MORE secure from new tech, > but it occasionally becomes LESS secure more slowly because of policy.) I would be very interested, if you are so inclined, to hear more of what you are thinking. Is this something you can (are willing to) talk about? [TR] Enterprise networks are already able to block DoH services, it is causing the DoH client to fallback to clear-text DNS compromising endpoint security and privacy. In draft https://tools.ietf.org/html/draft-reddy-dprive-bootstrap-dns-server-01 we are proposing mechanisms to automatically bootstrap endpoints to discover and authenticate privacy-enabling DNS servers provided by the Enterprise network. The user also gets to know the privacy preserving data policy by the DNS server and can decide whether to switch to another network or if the user trusts the network and privacy policy, the user can enable strict privacy profile with the privacy enabling DNS server discovered in the Enterprise network itself instead of downgrading to opportunistic privacy profile. Cheers, -Tiru It sounds like a very thought-provoking initiative. Thanks, Nalini On Mon, Mar 11, 2019 at 10:55 AM Paul Vixie <paul@redbarn.org<mailto:paul@redbarn.org>> wrote: Christian Huitema wrote on 2019-03-10 21:14: .... > There are a bunch of conflicting requirements here, and it would be good > to tease out the contradictions. Consider the following cases: > > 1) I am using my phone, and using application-X. > > 2) I am at home, using application-X on my home computer. > > 3) I am using Wi-Fi in a hotel, and using application-X. > > 4) I am using my work laptop on the enterprise network, and using > application-X > > 5) I am using my work laptop in a hotel, and using application-X > > 6) I am using my work laptop on the network of a customer, and using > application-X. this distinction is not useful. there are two cases. a user or app trusts its network. or not. in the first case, you'll use an RDNS service which is in the set (allowed (preferred)). that is, you'll use the server you desire most out of the set that your network operator allows you to reach. in the second case, you'll use a VPN, for all of your traffic, not just for DNS, because if you hide your DNS but not the connections which result from such hiding, it will add no measurable privacy. > Today, plenty of people claim the right to control how I use the DNS: my > phone carrier, my ISP at home, the company that got the contract to > manage the hotel's Wi-Fi, the IT manager for my company's laptop, the IT > manager for the company that I am visiting. Out of those, there is just > one scenario for which the claim has some legitimacy: if the company > pays for my laptop and own the laptop, yes of course it has a legitimate > claim to control how I am using it. Otherwise, I, the user, get to > decide. If I like the application's setting better than the network's > default, then of course I expect those settings to stick. this distinction is also false. if you are using my network, then it makes no difference which of us bought you that laptop. you will use the RDNS i allow you to use. RDNS is part of the control plane, and i use it for both monitoring and control. sometimes that's so that i can see malware beacon to its C&C. sometimes that's so that i can institute parental controls. if you don't like my rules, you should vote with your feet, and not visit me. because that is the only choice you will have. (yes, i will be part of a major new project to identify and block all DoH services, so that behavioural security policies can still work, because you may have noticed that the internet has never become MORE secure from new tech, but it occasionally becomes LESS secure more slowly because of policy.) quoting again the salient passage of RFC 8484's self-damning introduction: > ... Two primary use cases were considered during this protocol's > development. These use cases are preventing on-path devices from > interfering with DNS operations, ... let me give you advance notice: "i aim to misbehave."[1] that is, _i am on-path, and i intend to interfere._ why on earth the IETF decided to equate dissidents (of whom there are tens of thousands, all of which need full VPN's not just DoH for actual safety) with bots (of which there are tens of millions), and set up a war between end users and network operators, i will never understand, or try to. now, we fight. -- P Vixie -- Thanks, Nalini Elkins President Enterprise Data Center Operators www.e-dco.com<http://www.e-dco.com>
- [dns-privacy] New: draft-bertola-bcp-doh-clients Vittorio Bertola
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Stephen Farrell
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Vittorio Bertola
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Christian Huitema
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Vittorio Bertola
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… nalini elkins
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Christian Huitema
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… nalini elkins
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Paul Vixie
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… nalini elkins
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Christian Huitema
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Paul Vixie
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Neil Cook
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Stephen Farrell
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Neil Cook
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Konda, Tirumaleswar Reddy
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… nalini elkins
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Paul Vixie
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… nalini elkins
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Brian Dickson
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Stephen Farrell
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Eliot Lear
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Daniel Stenberg
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Eric Rescorla
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… nalini elkins
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Stephen Farrell
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Konda, Tirumaleswar Reddy
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Neil Cook
- Re: [dns-privacy] [EXTERNAL] Re: [Doh] [DNSOP] Ne… Winfield, Alister
- Re: [dns-privacy] [EXTERNAL] [Doh] [DNSOP] New: d… Eliot Lear
- Re: [dns-privacy] [EXTERNAL] [Doh] [DNSOP] New: d… Konda, Tirumaleswar Reddy
- Re: [dns-privacy] [Doh] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [dns-privacy] New: draft-bertola-bcp-doh-clie… Stephane Bortzmeyer
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Stephane Bortzmeyer
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Stephane Bortzmeyer
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Neil Cook
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Eric Rescorla
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Jim Reid
- Re: [dns-privacy] [Doh] New: draft-bertola-bcp-do… Neil Cook
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Jim Reid
- Re: [dns-privacy] [EXTERNAL] [Doh] [DNSOP] New: d… Eliot Lear
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Christian Huitema
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Michael Sinatra
- Re: [dns-privacy] [Doh] New: draft-bertola-bcp-do… Yishai Beeri (yishaib)
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Christian Huitema
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Brian Dickson
- Re: [dns-privacy] [Doh] New: draft-bertola-bcp-do… Stephane Bortzmeyer
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Ralf Weber
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Christian Huitema
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Mark Andrews
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Paul Wouters
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Wouters
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Stephen Farrell
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Raymond Burkholder
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Vittorio Bertola
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… nalini elkins
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Vittorio Bertola
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Christian Huitema
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Raymond Burkholder
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Christian Huitema
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Vittorio Bertola
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Christian Huitema
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Eliot Lear
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Paul Vixie
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Brian Haberman
- Re: [dns-privacy] [Doh] [DNSOP] New: draft-bertol… Livingood, Jason
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Christian Huitema
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Brian Dickson
- Re: [dns-privacy] [DNSOP] [Doh] New: draft-bertol… Raymond Burkholder
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… william manning
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Watson Ladd
- Re: [dns-privacy] [DNSOP] New: draft-bertola-bcp-… Paul Vixie