[dns-privacy] Fwd: New Version Notification for draft-hzpa-dprive-xfr-over-tls-01.txt

Sara Dickinson <sara@sinodun.com> Mon, 11 March 2019 18:07 UTC

Hi All, 

A new draft has been submitted outlining using DNS-over-TLS for zone transfers.

The draft is quite basic at this stage but we are planning to work on this topic at the Hackathon to try to answer the open questions and move this forward.

Regards

Sara. 

> Begin forwarded message:
> 
> From: internet-drafts@ietf.org
> Subject: New Version Notification for draft-hzpa-dprive-xfr-over-tls-01.txt
> Date: 11 March 2019 at 17:58:31 GMT
> To: "Sara Dickinson" <sara@sinodun.com>, "Han Zhang" <hzhang@salesforce.com>, "Willem Toorop" <willem@nlnetlabs.nl>, "Allison Mankin" <allison.mankin@gmail.com>, "Pallavi Aras" <paras@salesforce.com>
> 
> 
> A new version of I-D, draft-hzpa-dprive-xfr-over-tls-01.txt
> has been successfully submitted by Sara Dickinson and posted to the
> IETF repository.
> 
> Name:		draft-hzpa-dprive-xfr-over-tls
> Revision:	01
> Title:		DNS Zone Transfer over TLS
> Document date:	2019-03-11
> Group:		Individual Submission
> Pages:		8
> URL:            https://www.ietf.org/internet-drafts/draft-hzpa-dprive-xfr-over-tls-01.txt
> Status:         https://datatracker.ietf.org/doc/draft-hzpa-dprive-xfr-over-tls/
> Htmlized:       https://tools.ietf.org/html/draft-hzpa-dprive-xfr-over-tls-01
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-hzpa-dprive-xfr-over-tls
> Diff:           https://www.ietf.org/rfcdiff?url2=draft-hzpa-dprive-xfr-over-tls-01
> 
> Abstract:
>   DNS zone transfers are transmitted in clear text, which gives
>   attackers the opportunity to collect the content of a zone by
>   eavesdropping on network connections.  The DNS Transaction Signature
>   (TSIG) mechanism is specified to restrict direct zone transfer to
>   authorized clients only, but it does not add confidentiality.  This
>   document specifies use of DNS-over-TLS to prevent zone contents
>   collection via passive monitoring of zone transfers.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
>