Re: [dns-privacy] Please review documents...
"Paul Hoffman" <paul.hoffman@vpnc.org> Wed, 30 September 2015 18:57 UTC
From: Paul Hoffman <paul.hoffman@vpnc.org>
To: Ted Hardie <ted.ietf@gmail.com>
Date: Wed, 30 Sep 2015 11:57:11 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/zq_ZGyhSMJt37VXe4rqKtzLHHSI>

On 30 Sep 2015, at 11:53, Ted Hardie wrote:

> Howdy,
>
> A quick question about draft-ietf-dprive-dns-over-tls-0:
>
> Some previous drafts used ALPN (RFC 7301) tokens to negotiate the use of
> DNS as an application layer protocol user of TLS. This draft seems to
> assume that because it is using a well-known port, it does not need to
> specify an ALPN token to indicate that the protocol being negotiated is
> DNS.
>
> It strikes me as utterly harmless to include such a token and possibly
> beneficial (since you might eventually use different tokens for EDNS level,
> for example). Is there a strong objection to using both that I'm
> missing?

Your proposal would restrict initial deployment to clients and servers whose TLS stack has ALPN. Instead of doing this, we could gate the next version on ALPN instead, causing more early deployment.

--Paul Hoffman