Re: [dns-privacy] [Ext] next steps for draft-opportunistic-adotq
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 27 March 2021 02:02 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A7393A1A10 for <dns-privacy@ietfa.amsl.com>; Fri, 26 Mar 2021 19:02:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MbwHJbaNPztC for <dns-privacy@ietfa.amsl.com>; Fri, 26 Mar 2021 19:02:22 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DFB43A1A11 for <dns-privacy@ietf.org>; Fri, 26 Mar 2021 19:02:21 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id E30EABE2F; Sat, 27 Mar 2021 02:02:17 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RoDNRzTBboIr; Sat, 27 Mar 2021 02:02:15 +0000 (GMT)
Received: from [10.244.2.119] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id AB806BE1C; Sat, 27 Mar 2021 02:02:15 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1616810535; bh=plTZL2C1MiHF5Ztu8K3LEUFshWGCwdY57et9GZdtnCM=; h=To:Cc:References:From:Subject:Date:In-Reply-To:From; b=adSellj8DFIH39dAptk/3SKmO0ZQind7jMd+tqQCjR8MdbGGfQFP4nsXp0H/4bF19 FX2/yEWnlFhh8yGa5wimyg+SYhiLKPRgBg5ASWcLEiyIxXhmCcBMHD6Te52GHwgxu5 BFhu+wWysUzQX8Wl5U1IKVZlxvcQnALvzWwtRVrI=
To: Eric Rescorla <ekr@rtfm.com>, Jim Reid <jim@rfc1035.com>
Cc: DNS Privacy Working Group <dns-privacy@ietf.org>, Bill Woodcock <woody@pch.net>
References: <A68841F4-B7CC-4AAC-BC9F-0961ADF2C8FA@rfc1035.com> <DF40D081-1EA8-4E92-BB67-2966E32688DE@nohats.ca> <2E5B5290-CBBE-4F20-AD89-0BDCE3B2AA7F@pch.net> <DB196A4D-2720-4C9E-8A66-C314AB16BA0E@rfc1035.com> <A45C3DAA-C910-427A-9359-E38570D274D3@pch.net> <C6C1D17A-CE7B-4189-BC63-69FD2C5E9FD8@rfc1035.com> <CABcZeBMHXHY28y3KD=b7+KVkKhZ=A=du-2fJiG2=5oEYgm1ZRQ@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <80e40639-56ae-49a9-8207-83d7080593f0@cs.tcd.ie>
Date: Sat, 27 Mar 2021 02:02:14 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
MIME-Version: 1.0
In-Reply-To: <CABcZeBMHXHY28y3KD=b7+KVkKhZ=A=du-2fJiG2=5oEYgm1ZRQ@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="CLxBoTNMGO8LjpLwhyzVfwncUQBVEGAyv"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/rzBSR-ZMGp1Y044SHMjLP4cO_7I>
Subject: Re: [dns-privacy] [Ext] next steps for draft-opportunistic-adotq
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 02:02:27 -0000
Hiya, Not asking anyone in particular but... On 27/03/2021 00:24, Eric Rescorla wrote: > WRT the operational risk (slide 3), it's likely true that it's > somewhat harder to run a DoX server than a Do53 server. However, > given that we have plenty of worked examples of TLS servers of > comparable if not greater scale being operated with high reliability > (e.g., Google, Fastly, Cloudflare, etc.), I think there's pretty > strong evidence that this is an operational issue that can be > addressed. That's been said a number of times, and I think has a fairly clear ring of truth to it, but yet it somehow doesn't seem to sway those who operate larger scale Do53 services today. Can anyone help me understand that? I could understand if the justifications were down to stability or cost, either of which could be valid engineering reasons why someone might prefer the status-quo, but I don't think I've seen the argument made explicit in either of those ways. I don't have first-hand knowledge of this, so it'd help me at least if it the reasons why DoH or DoT are hard for (especially the likes of .com/.net) could be further clarified. Thanks, S.
- [dns-privacy] next steps for draft-opportunistic-… Peter van Dijk
- Re: [dns-privacy] next steps for draft-opportunis… Stephen Farrell
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Paul Hoffman
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Brian Haberman
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Jim Reid
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Bill Woodcock
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Paul Wouters
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Paul Hoffman
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Jim Reid
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Jim Reid
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Ben Schwartz
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Ben Schwartz
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Jim Reid
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Paul Hoffman
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Rob Sayre
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Paul Wouters
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Jim Reid
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Rob Sayre
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Paul Wouters
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Ilari Liusvaara
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Bill Woodcock
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Jim Reid
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Bill Woodcock
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Jim Reid
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Bill Woodcock
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Eric Rescorla
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Stephen Farrell
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Rob Sayre
- Re: [dns-privacy] [Ext] next steps for draft-oppo… Hollenbeck, Scott