Re: [dns-privacy] Root Server Operators Statement on DNS Encryption
Andrew Campling <andrew.campling@419.consulting> Wed, 31 March 2021 22:32 UTC
Return-Path: <andrew.campling@419.consulting>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA0A33A39B6 for <dns-privacy@ietfa.amsl.com>; Wed, 31 Mar 2021 15:32:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=netorgft5189650.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P80yJ9JxANiy for <dns-privacy@ietfa.amsl.com>; Wed, 31 Mar 2021 15:32:52 -0700 (PDT)
Received: from GBR01-LO2-obe.outbound.protection.outlook.com (mail-eopbgr100055.outbound.protection.outlook.com [40.107.10.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 364883A39B4 for <dprive@ietf.org>; Wed, 31 Mar 2021 15:32:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=am5tssDqATy1Lwlrn8p7nBCJfNWc7RoADoWIrgji2AFfz3WxZmeZk0w8mkioAcZaDkcRDmTO2cGBzMUckjSpmBymw0xep6mvKAaTFks7Wny3YSVWIFUnLNa7SHkI+IsMwwI8wCjIcTCn8RE2y4qXYcSxnJ/7w+QRqBQfR1hwfo+bL91S3aZ1af4E6aNGE2Y+z3hxmcq2VIrm/HPxVqvltah1VhLo9TBGaPQlMXkgv8EF9qanw/m/Vncfz9QVN1eTtJfM0K7mxgLx2c80ZhmTxJmAYsB0PEhER7+iYMz2cUL2f+m8ilM+h5VrnGVCuCjxpYQWsGDVbVkLGELd0vE/aQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=F5ZLKFhLgfw5ZgredD51k2WmnSXwocWylie4yBrhd6Y=; b=JT3OSEkZl5sJNl1Yq/4x+uGlbg1HSPiMPl5ugJq2yMPRKcusr75YF9hdbK7w7DGgnfHNVaK11StRDGepYSns7wCfR0b6p2agpE0qGjw5P0sJ19e6g/owm10Xc4v8TCcyf4J0Bs6+jxPQ0yCzyvXwOrh8kNI1AwIS4UEwwv3m5syydIW7E/PRye0EqEO+d9eZIOpIv97tRYiK+DBOsFUaeBYpTTlkUEq23ntWCS4bmKoeFtXq6zEl2WlbUyGnF9JLYrONzTrXbpnTwTc9hNKX5rUCY1CMh2xsytdy/wU27B5lPRVy0UREQyMqP1zCTfK79c7UPPTVXg8+HoPHL/hSMQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=419.consulting; dmarc=pass action=none header.from=419.consulting; dkim=pass header.d=419.consulting; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=NETORGFT5189650.onmicrosoft.com; s=selector1-NETORGFT5189650-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=F5ZLKFhLgfw5ZgredD51k2WmnSXwocWylie4yBrhd6Y=; b=jswz0lUlGG+j6QcHTg3VrctsV4Stnx0sFNu/xj9ZmXVEudJV9eQbXs1cwtee6COkm4yS1A+t/dhfPP9Jqufn2Af9baeoxC/UcQ8W9edy0ofCB7LeW4G9+BSfHEztARyfTod5D5UGwZkJoptf1cjAvDDZt/uqdc3c6CaXVzMdIro=
Received: from LO2P265MB0399.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:67::18) by LO2P265MB3248.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:156::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3977.31; Wed, 31 Mar 2021 22:32:48 +0000
Received: from LO2P265MB0399.GBRP265.PROD.OUTLOOK.COM ([fe80::1107:ec3d:f5b3:7520]) by LO2P265MB0399.GBRP265.PROD.OUTLOOK.COM ([fe80::1107:ec3d:f5b3:7520%5]) with mapi id 15.20.3977.033; Wed, 31 Mar 2021 22:32:48 +0000
From: Andrew Campling <andrew.campling@419.consulting>
To: Bill Woodcock <woody@pch.net>
CC: Stephen Farrell <stephen.farrell@cs.tcd.ie>, Rob Sayre <sayrer@gmail.com>, "dprive@ietf.org" <dprive@ietf.org>
Thread-Topic: [dns-privacy] Root Server Operators Statement on DNS Encryption
Thread-Index: AQHXJnfIIZuyXUL5zEe/osPw5oPuS6qepXTAgAAGjACAAAHyMA==
Date: Wed, 31 Mar 2021 22:32:48 +0000
Message-ID: <LO2P265MB0399D0CEECA22D0652191F6FC27C9@LO2P265MB0399.GBRP265.PROD.OUTLOOK.COM>
References: <c925da9089fa4b1e991ec74fc9c11e7f@verisign.com> <CAChr6Sxwao=FAcoeHMuOf0L=JCZ+wvhsr9BNZW_dbt+1=HWQwg@mail.gmail.com> <20210331091238.GA10597@nic.fr> <CAChr6SxPNVAZMYfZqF+K6Xf8FPGa9ZgHkL-uUvtKMEiJSPmp8Q@mail.gmail.com> <2607D274-936F-4A31-9E4D-EEBCF45BE838@pch.net> <CAChr6Szg+EbFqSpFPco8Gyb9pzNNnrSoQJcXTDVeg40_EXiPDg@mail.gmail.com> <4B1CCB51-C777-4434-B28E-76C22C12E4DA@pch.net> <CAChr6Sym=tm-vj-3FB-GbOG6U=U4CFsRE6yyWJk14waZQLbRiQ@mail.gmail.com> <ABD711DE-80CE-4B15-9153-82DA25E4F000@pch.net> <CAChr6Swfnc_s_-3TS6NuCzuqWduA-E6270x4uSLNGnTF+sLnmQ@mail.gmail.com> <981FF900-A7ED-46DF-9DDB-056E76822017@pch.net> <13460b9e-a7d4-1bad-b48c-64941fb4739f@cs.tcd.ie> <LO2P265MB039907E624A01148C9032A9AC27C9@LO2P265MB0399.GBRP265.PROD.OUTLOOK.COM> <C62F7B3B-322D-44B2-8BFD-77FBF4797345@pch.net>
In-Reply-To: <C62F7B3B-322D-44B2-8BFD-77FBF4797345@pch.net>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: pch.net; dkim=none (message not signed) header.d=none;pch.net; dmarc=none action=none header.from=419.consulting;
x-originating-ip: [86.144.96.155]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 36ba3a14-1718-4006-c353-08d8f494e9d9
x-ms-traffictypediagnostic: LO2P265MB3248:
x-microsoft-antispam-prvs: <LO2P265MB3248CA02BE51F65C44E66EB9C27C9@LO2P265MB3248.GBRP265.PROD.OUTLOOK.COM>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: yLFMyiYpgWj7pfu4Osd9s+HtYAY8A0Z2J6KRT3M/2ViscsxBQTs+E5pHjLpxvCt7LDfG++ENF9R1teTsei6I5LRdBLSNp0cJt1rlPgHrgjLIFSdBKvuhtCzaI+/oer7p4eGN9Ab2yW+JkwUFbb+kKI02iBQYb64pZYyWwNoDLUodqAqVznxX3BavrAo5AhqwhcJP5JljLoN7Ojy1IRYiuT7kNvtJ3zdKn9XzS37/l7aOfNTDZbfWSn+RF8Wx68TyK6NS+T3ymUbLgoSvlL83vc5fMDN2Gy6Z1ZNhLuA/FIzWS6jj/RcBV/3b/loo8QyqJ2np5J7CsM+DkBMJOr3bt9iDsP7HssT+dib+EDdaMqXxgAyMDEFayusZbKs8q+Tq2MN8t+R0zwQHM1Gffqw201mgTmxT64/Cc93RZfmqyOXLZ/r0NqUPOzhg3zuu4v1+8vuT7ivNTl4+IBEuHHD+0FDkaw+zUQmJ0TffJUf1kNMel0d0If5ZcFJVZfupDif6hkpfU5yG3d4+3PRjqsWWtky+FARy2Qzw6lo2NoAg0YKtDzrFte0hIH5Vfv/YleWb/RZvNkDK6rUam6ePCmaTtsJekp1SkRHwDhOnjcWs7s2+U2n2NJ7t3EXXgQIVqhztTu0pDaCpi+bXYj50ad5AgZEcHyybbNJCU798Jojoi4G0EOCqBlW9tS0WyTqVLO+9
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:LO2P265MB0399.GBRP265.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(39830400003)(396003)(366004)(376002)(136003)(346002)(186003)(9686003)(8676002)(5660300002)(66556008)(38100700001)(55016002)(8936002)(478600001)(66446008)(6916009)(86362001)(7696005)(66946007)(33656002)(44832011)(52536014)(71200400001)(66476007)(316002)(64756008)(53546011)(6506007)(4326008)(83380400001)(26005)(54906003)(2906002)(76116006)(46492009); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 11+8CNi+mGFoB39ATvOzs6aYkuC6x0w2/0yWUnBVC/SseiSnRzYMno5gmTkwVPKhmY8JqE5EJzcx3c3OMaclzoV1pSLcJ4zNxmkgaUHXAdVA3SSoSg//tZgeurBewcRMXx7NL2DOCvx+piWe0AwSJZXQnuKI2nv5qxGozE4UBmv2pYYpysKvKZ6IAoXSoS1+jGzSzd1GfYw22FHIwnrqZgO3NT1yGKDdAnfZM1abL6MlBXb/LhG8wFotpYTpUffFLwaaf2pkoqycMpW7hQxZc0t2XEiH7w2yPFeIOFN/zKVAao9tCo83/oDAk7PL4r43hL1VC6rp2tz5WN8c/FI2zCRi2ZvVMgst4KawsvIHMwrDFtiKF/lpsLhX/GjHe/N3cxuWIM+INPeWiWqGuoRPFWqLth+h3VVDUkyP8VlENGfgcYGtNKEAZrBZZzi62m9BGtDDGdqCenTJSUOZ4olLaDlRVocuB8Gzk7Fvs5VzpD3wU8rqWMJMowXWpDU00FCXPa8Vs/nz38BkwwgWp3AJ1WzW3blmwXmrNhQ7TNvpXqzN/P4g+G/xgxtDU5k/p0NjQglXlJa3vBuzeXI8k7QvftMBSum8uT207yXx/wiBuA4aAdBAMNTHE8uoxZfQRpCXnGBP9lLKJ9PKjdL/zaPRaIA4J7eNWodhTz8xWlxj56Klh/n0I5WoPpVcJr/Cjznw7eyTP9PyEEoxFuiMzEg4OoMy/U77QyjVv5LrP0MzOEGNCEAnoP3ibo5KLZDdmxtnoMNtmcu3llHnJeJsTV5PE80NWJrl1K2yVoBghORGbAkiWPf2GfKD8tEI0r5PvMeFPrn6PmwOJdKok8CesHSl1ioF6i/gNFaxd/zf/rNTKdATWnB9+OPs6ponfzaivdAJiXbn6nU8HYUD69aJu+sA/37IP+PlDLYLkFA1QUMMOBVwlCgDO/ebg0fstiRy7wEwcVrZGABslHnCUcaUpMdIB6ZFndp7XhaE/qstf9wmoEx3agawQeWqN1W9uWC+51t1PvUJMe9HL1LubVf4Z/D3jzeJibpMviUI/lolK+ZlcmO2uRj6XvVTSn8OTOFcqNbZ3W4gIYZ/2jxLgFI56zEcLmHQdFaHn1FQ9fhvJhuSyOAfwqhOjcyOlqljQpQz+GFGqgfWAcEYga7NiKpuTL5Zlh+o/j8nctu25R1l6t+Z9Bjv+8dHrHU2fMHlDVVSSukwfD0d++f5Y4RjJv8fol2IecfU9eMaYijPsAt5nHXExqdcacuDKXnQdozyHKpXaT6ys0iXrayH6VYoRhvdAM8Gb5TR5qHnZzHnitSD6xxf3sXSxCuSnJy/Dum9lehcAlUb
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: 419.consulting
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: LO2P265MB0399.GBRP265.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 36ba3a14-1718-4006-c353-08d8f494e9d9
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Mar 2021 22:32:48.7525 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9c2ced3e-7522-4755-87dc-f983abc66ec3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: YThL+4aB8I1UIFg0Ju5LQ4C1P3secJcDEIeqKlP9NZ5p+9N3CP3FiH3VylCUrDdSUM6C4LDHYnTQotYXTJZXpVKVNDhcqTLGGHQSjHfVFjw=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: LO2P265MB3248
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/xZgp6f72Pf1FFIrj6m1C7XFWHhg>
Subject: Re: [dns-privacy] Root Server Operators Statement on DNS Encryption
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Mar 2021 22:32:58 -0000
-----Original Message----- From: Bill Woodcock <woody@pch.net> Sent: 31 March 2021 23:23 To: Andrew Campling <andrew.campling@419.consulting> Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>; Rob Sayre <sayrer@gmail.com>; dprive@ietf.org Subject: Re: [dns-privacy] Root Server Operators Statement on DNS Encryption On 31 March, 2021, at 23:223, Bill Woodcock <woody@pch.net> wrote: > On Apr 1, 2021, at 12:12 AM, Andrew Campling <andrew.campling@419.consulting> wrote: >> It made me wonder whether there has been any dialogue with TLD operators to establish whether they are interested in adopting encryption? >> Some of the recent debate on the list seems to suggest that the position of TLD operators is unclear. > To my observation, the position of TLD operators is split. Some of those who directly face the costs of implementation would like to defer and minimize those costs, and are asking people to be very clear what benefit those increased costs would bring, and whether other less costly methods have already been thoroughly explored. Those who don’t directly face the costs of implementation are, generally, quite supportive of encryption. Any view on the proportion of TLD operators in each group? Andrew
- [dns-privacy] Root Server Operators Statement on … Hollenbeck, Scott
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Erik Kline
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Eric Rescorla
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Erik Kline
- Re: [dns-privacy] Root Server Operators Statement… Eric Rescorla
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Vladimír Čunát
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Frederico A C Neves
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Hollenbeck, Scott
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Vladimír Čunát
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Stephen Farrell
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Andrew Campling
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Andrew Campling
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Christian Huitema
- Re: [dns-privacy] Root Server Operators Statement… Rob Sayre
- Re: [dns-privacy] Root Server Operators Statement… Tomas Krizek
- Re: [dns-privacy] Root Server Operators Statement… Petr Špaček
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman
- Re: [dns-privacy] Root Server Operators Statement… Bill Woodcock
- Re: [dns-privacy] Root Server Operators Statement… Vittorio Bertola
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- Re: [dns-privacy] Root Server Operators Statement… Stephane Bortzmeyer
- [dns-privacy] DDoS resiliance & DNS-over-TCP (was… Shane Kerr
- Re: [dns-privacy] Root Server Operators Statement… Christian Huitema
- [dns-privacy] RFC7626 and risk/threat analysis Jim Reid
- Re: [dns-privacy] Root Server Operators Statement… John Heidemann
- Re: [dns-privacy] Root Server Operators Statement… Wes Hardaker
- Re: [dns-privacy] Root Server Operators Statement… Brian Haberman