IETF Logo Mail Archive

Re: [dns-privacy] ADoX experiments (was: Re: Intermediate proposal (what I was saying at the mic))

Bill Woodcock <woody@pch.net> Tue, 31 August 2021 12:23 UTC

Return-Path: <woody@pch.net>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B73773A11F2 for <dns-privacy@ietfa.amsl.com>; Tue, 31 Aug 2021 05:23:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id euXHxf7yaRn3 for <dns-privacy@ietfa.amsl.com>; Tue, 31 Aug 2021 05:23:16 -0700 (PDT)
Received: from mail.pch.net (keriomail.pch.net [206.220.231.84]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 804983A11F1 for <dns-privacy@ietf.org>; Tue, 31 Aug 2021 05:23:16 -0700 (PDT)
X-Footer: cGNoLm5ldA==
Received: from smtpclient.apple ([69.166.14.2]) by mail.pch.net (Kerio Connect 9.2.7 patch 3) with ESMTPS (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256 bits)); Tue, 31 Aug 2021 05:23:14 -0700
From: Bill Woodcock <woody@pch.net>
Message-Id: <AD432442-796F-408C-89ED-CE0396B2B078@pch.net>
Content-Type: multipart/signed; boundary="Apple-Mail=_A525581E-ADCB-4876-A85C-D10136224035"; protocol="application/pgp-signature"; micalg="pgp-sha256"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Date: Tue, 31 Aug 2021 14:23:11 +0200
In-Reply-To: <1a6d0690-3d03-b265-ac8d-ad5017e2aedf@innovationslab.net>
Cc: dns-privacy@ietf.org
To: Brian Haberman <brian@innovationslab.net>
References: <CABcZeBNRZsyjd-M_hKOwxdqY=Y7oZs5-d4waqPHb9gO-GJNV+Q@mail.gmail.com> <8b2ac283-614e-40d2-b6bf-5e67d5324aaa@www.fastmail.com> <9f184e77-056a-3a49-8832-249d36bbab82@cs.tcd.ie> <4cdc1d2f-47cb-9c23-f049-cf1ebf6717a5@innovationslab.net> <1a6d0690-3d03-b265-ac8d-ad5017e2aedf@innovationslab.net>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/rQm4z0j1eZydm7_Ea5Vcg_UOYvU>
Subject: Re: [dns-privacy] ADoX experiments (was: Re: Intermediate proposal (what I was saying at the mic))
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Aug 2021 12:23:20 -0000

On 8/17/21 8:16 AM, Brian Haberman wrote:
> I believe we need the following:
> 
> 3. At least one authoritative server operator willing to deploy the
> experimental implementation,
> 
> 4. At least one recursive resolver operator willing to deploy the
> experimental implementation,
> 
> Are there any volunteers to start working on details of such an experiment?

I had, at the outset, said that PCH and Quad9 would be immediately implementing any ADoX that makes it as far as running code, and in case that didn’t make it into your notes, I’ll reiterate it now.  As I’ve said before, we STRONGLY PREFER implementations which include TLS client authentication.

                                -Bill

v2.23.0 | Report a Bug | By Email