[dns-privacy] I-D Action: draft-ietf-dprive-unilateral-probing-02.txt

internet-drafts@ietf.org Wed, 28 September 2022 00:47 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: dns-privacy@ietf.org
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D547C152703; Tue, 27 Sep 2022 17:47:33 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: <i-d-announce@ietf.org>
Cc: dns-privacy@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 8.17.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: dns-privacy@ietf.org
Message-ID: <166432605343.37460.11849238533382716958@ietfa.amsl.com>
Date: Tue, 27 Sep 2022 17:47:33 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/mm8Un2F2l0emfdV6JqZBHNEDSdQ>
Subject: [dns-privacy] I-D Action: draft-ietf-dprive-unilateral-probing-02.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.39
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Sep 2022 00:47:33 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the DNS PRIVate Exchange WG of the IETF.

        Title           : Unilateral Opportunistic Deployment of Encrypted Recursive-to-Authoritative DNS
        Authors         : Daniel Kahn Gillmor
                          Joey Salazar
                          Paul Hoffman
  Filename        : draft-ietf-dprive-unilateral-probing-02.txt
  Pages           : 27
  Date            : 2022-09-27

   This document sets out steps that DNS servers (recursive resolvers
   and authoritative servers) can take unilaterally (without any
   coordination with other peers) to defend DNS query privacy against a
   passive network monitor.  The steps in this document can be defeated
   by an active attacker, but should be simpler and less risky to deploy
   than more powerful defenses.

   The goal of this document is to simplify and speed deployment of
   opportunistic encrypted transport in the recursive-to-authoritative
   hop of the DNS ecosystem.  With wider easy deployment of the
   underlying transport on an opportunistic basis, we hope to facilitate
   the future specification of stronger cryptographic protections
   against more powerful attacks.

The IETF datatracker status page for this draft is:

There is also an htmlized version available at:

A diff from the previous version is available at:

Internet-Drafts are also available by rsync at rsync.ietf.org::internet-drafts