Re: [dns-privacy] Root Server Operators Statement on DNS Encryption

Brian Haberman <brian@innovationslab.net> Thu, 01 April 2021 12:08 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/uD84rLII6EG6cJovx_DJdgfapA8>


On 3/31/21 5:51 PM, Bill Woodcock wrote:
> 
> 
>> On Mar 31, 2021, at 11:49 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>> The real issue IMO is not querying the root servers but
>> the TLDs. There are still performance issues to consider
>> of course but the business model and the value to the
>> person somewhere behind the recursive are quite different.
>>
>> I really wish we could stop all mixing up the roots with
>> the TLDs in this discussion.
> 
> Yep, exactly.
> 

The WG seems to fluctuate between wanting to treat all authoritatives
the same and thinking of the root as being different from TLDs. If you
recall during our interim meeting last year, we tried to keep them
separate and some folks complained.

I (with no hats on) would take the Root Server Operators statement as a
strong indication that they believe the root does need to be considered
separately from the TLDs.

Regards,
Brian