Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edns-client-ip-00.txt
Ted Hardie <ted.ietf@gmail.com> Tue, 02 February 2010 00:48 UTC
Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D54C03A687A; Mon, 1 Feb 2010 16:48:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.049
X-Spam-Level:
X-Spam-Status: No, score=-106.049 tagged_above=-999 required=5 tests=[AWL=0.550, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uk5FsWZX1oy3; Mon, 1 Feb 2010 16:48:21 -0800 (PST)
Received: from psg.com (psg.com [147.28.0.62]) by core3.amsl.com (Postfix) with ESMTP id 8F4343A67F2; Mon, 1 Feb 2010 16:48:21 -0800 (PST)
Received: from majordom by psg.com with local (Exim 4.71 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1Nc6oX-000Kn1-FM for namedroppers-data0@psg.com; Tue, 02 Feb 2010 00:40:21 +0000
Received: from [209.85.222.189] (helo=mail-pz0-f189.google.com) by psg.com with esmtp (Exim 4.71 (FreeBSD)) (envelope-from <ted.ietf@gmail.com>) id 1Nc6oU-000KmR-Q7 for namedroppers@ops.ietf.org; Tue, 02 Feb 2010 00:40:19 +0000
Received: by pzk27 with SMTP id 27so5487309pzk.33 for <namedroppers@ops.ietf.org>; Mon, 01 Feb 2010 16:40:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Xa3EwuK6Sek06YLzCJ6FP2GNsAUszD3F2RsttC4Azcc=; b=AEvcRNScAgm0a1uHw4SYEnOu7b5+zM7MYUh/g/vvAljbtLi/Ls+4aaPWitTlemDBX8 JvX/vIr8ztJy5HU5TgF0tMAX7/j/MKW6lE/wFBnnvhRtdXGSsMBzvDAqIMsDCLRUZirQ yBn+HPkYXdOhDKJT4NWtvYWNoiKSnPviuhG90=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=tGi6nCj2+SR4fCRjfDyoa+iwbdIexL0fUp9gYDmTrJeFKnF993LzME56uFbcbVQrbW Vz+YYFTT1aoMsGbQWmqzGedTt6EUQdTKnpvhCc39EO06SrbEa0dgZsaEXdJKpskP+40y lbpIPsxpj1KwJx9Y+hXpugcGMjFyjpwhM1crk=
MIME-Version: 1.0
Received: by 10.143.20.21 with SMTP id x21mr74028wfi.236.1265071218128; Mon, 01 Feb 2010 16:40:18 -0800 (PST)
In-Reply-To: <D8848FB8-3523-4580-A93F-764494531788@ICSI.Berkeley.EDU>
References: <7c31c8cc1001271556w4918093er6e94e07cb92c4dc4@mail.gmail.com> <OF675CC47F.6FE1B342-ON802576BA.00453090-C12576BA.0047E04C@nominet.org.uk> <74DFF61A-A8BB-4B46-A873-F2407C34C412@sackheads.org> <139D0D6A-5A31-4EE8-88B9-3CACE933187B@icsi.berkeley.edu> <6e04e83a1002010944q7abfabc6h892ce4cbb1bddcbf@mail.gmail.com> <973B1F15-E822-491E-89BF-F09FC7E67509@ICSI.Berkeley.EDU> <6e04e83a1002011109u1cd55c99k8b584648184cdc73@mail.gmail.com> <162E0DB1-EC86-4206-AB36-6FEFA786B24C@ICSI.Berkeley.EDU> <6e04e83a1002011402u395f599g74180d28fdbe5707@mail.gmail.com> <D8848FB8-3523-4580-A93F-764494531788@ICSI.Berkeley.EDU>
Date: Mon, 01 Feb 2010 16:40:17 -0800
Message-ID: <6e04e83a1002011640t1b637e30gd7d0150eeb0fae8d@mail.gmail.com>
Subject: Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edns-client-ip-00.txt
From: Ted Hardie <ted.ietf@gmail.com>
To: Nicholas Weaver <nweaver@icsi.berkeley.edu>
Cc: John Payne <john@sackheads.org>, Roy Arends <roy@nominet.org.uk>, Wilmer van der Gaast <wilmer@google.com>, namedroppers@ops.ietf.org
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with
List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>
In-line. Probably also worth splitting discussion onto other threads in any case, as others have done. On Mon, Feb 1, 2010 at 3:30 PM, Nicholas Weaver <nweaver@icsi.berkeley.edu> wrote: > > On Feb 1, 2010, at 2:02 PM, Ted Hardie wrote: >> >>> >>> And thus the only systems which would need changing are third party resolvers and authorities which desire the ability to act on this information. No other changes are needed. >>> >> >> This presumes that the clients do not have to opt-in to this and so no >> changes are needed from them. > > You could consider an automatic opt-in from all clients using third party DNS servers, since they opted in to THAT in the first place. > Except that it wasn't in place when they configured them. So that's a post-facto opt-in, which doesn't seem much like an opt-in at all. > But if you want to require manual opt-in, you're saying "Kill this proposal" just in kinder language. > Notice that I'm not saying "Don't work on this problem", though. If the client included a bit that said "feel free to pass my details on" (what GEOPRIV used to call "setting the ravish-me bit") then I would have no privacy concern. > And here's why a national ISP wouldn't bother with this: You are going to do a separate DNS zone for each regional zone, as having everybody go to a central cache, even heirarchically, is going to hurt performance. If you want the net to "feel snappy" to customers, you don't add 100ms to DNS lookups by having all DNS eventually go to one place, rather you distribute caching recursive resolvers throughout the country > I'm aware of large scale enterprises that do bubble up to a single cluster per region, where region is at a continental scale. If use my local DNS infrastructure, for example, the queries will come from New Jersey. I am three time zones away. But fixing that by having the enterprise understand the issue and re-deploy requires no protocol changes and saves latency in other ways besides. > Looking at their resolver list, eg, it appears Comcast, for example, uses 12 such clusters. And for localizing comcast customers for low latency, good bandwidth, etc, knowing "he's a comcast customer, his DNS resolver is X" is good enough. > > Whats needed is to get third party resolvers on the same footing. > >>> ANd I chose IMAP rather than SMTP and IMAP is more important for this than SMTP for DNS games: its a user-interactive application (unlike SMTP which is bulk delivery so latency doesn't matter so much), thats not HTTP and does not support HTTP style redirects, showing how these DNS tricks are >>> >>> a) Used across more applications than just web traffic >>> >>> b) Used in ways where web-style redirects can't work >>> >> >> The point is, though, that there are applications which don't need this; >> if you default to leaving it on for all applications, you're passing bits >> that are at best not needed and at worst a privacy concern. > > But even your example of apps that DON'T need it (bulk SMTP) turn out to use it > > This is "near universal" functionality at this point for those deploying internet-scale stuff. > No. If a recursive resolver turns this on globally, it will offer the option to every authoritative server (see section 4.1 of the draft) and it will pass the FAMILY and ADDRESS fields. That information will get passed to every authoritative server, whether that server is localizing or not. That's the wasted bits/data leakage issue I mentioned. <snipped a lot of discussion where there seems to be no basis for discussion, since we've both stated positions> > > > Actually, my figure is far less, because 3% is just one of the conditions: use a proxy for HTTP thorugh the browser. Its actually only 1% when you exclude those sessions who's non-browser traffic goes through the proxy. > > > So of the 1% we see, the ones who would be affected are: > > a: Those who's proxies are significantly different than their non HTTP traffic in terms of network location. > > b: Who use a third party DNS service > > c: Where they don't route the DNS requests through the proxy > Not all proxy deployments permit the DNS request to be routed through the proxy. > d: Somehow care about privacy despite using a 3rd party DNS service which they explicitly opted-into using in the first place! > > We can tell A and B, we can't tell C, or D > > For B: Use a proxy that is in their web browser setting (rather than forced by the network) + use OpenDNS: .77%. Yes, shockingly high, but OpenDNS really is overrepresented in our dataset. > > A will take a fair bit more work to answer, I need to start thinking on this. > You still seem to be missing the mobile IP case, where there is a long-lived tunnel to a home network but a portion of the traffic is originated from a local IP. > > >> You may think privacy is a delusion, but you haven't convinced me that >> it is worth >> leaving it out of the design constraints here. Geolocation and other >> constraints >> would be worse, I grant you, but this one is not trivial in my mind. > > The problem is, for those who care about DNS privacy, there exist GOOD opt-in solutions independent of this approach: route your DNS through the same proxy you use for your traffic. > > Rather those who this would affect are those who have implicitly stated they do NOT CARE about DNS privacy, because they are taking the privacy destroying action of using a third party resolver infrastructure. Once you give Google the details of all the DNS requests you make, why should you care if Verisign sees your subnet on the rare requests where there is no cache for the nameserver entries? > You are equating the terms of use for a service provider with the protocol mechanics; someone could deploy a 3rd party service with an explicit statement that the query logs were kept in /dev/null. Presumably such a service would never use this option, but there might well be other solutions which met the authoritative servers need and they would be willing to use. Anything in which the server was willing to provide the mapping information of networks to responders (along with a TTL) would have no privacy implication for the individual and would additionally pre-populate the cache of exactly the data this would provide. Of course that has the downside of information leaking the other way, as well as a need to specify what query delivers the goods, but it is obviously possible to divorce the optimization from the privacy issue. Someone once called protocol development as an exercise at deciding whose ox gets gored. Goring the privacy of someone who doesn't get to be a party to the protocol exchange in which the data is distributed doesn't strike me as a good idea. Since you've already called me delusional on this point, I doubt my own ideas convince you. But I point you to the work of GEOPRIV as an existence proof that the IETF as a whole at least once cared about a similar issue (and given the services which correlate IP to location, one which is a lot closer than the proposal on the table admits). regards, Ted Hardie
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Wilmer van der Gaast
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Tony Finch
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Sean Leach
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Hoffman
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Wilmer van der Gaast
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Olafur Gudmundsson
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Vixie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Joe Abley
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Mark Andrews
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Olafur Gudmundsson
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Alex Bligh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… George Barwood
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Martin Barry
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Colm MacCárthaigh
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Jim Reid
- [dnsext] stupid dns tricks and transport paths Jim Reid
- Re: [dnsext] stupid dns tricks and transport paths Martin Barry
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- [dnsext] Privacy in IP address indication (Was: I… Stephane Bortzmeyer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Florian Weimer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Marco Davids
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Roy Arends
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Federico Lucifredi
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Hoffman
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… sthaug
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Wilmer van der Gaast
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Joe Abley
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Tony Finch
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Privacy in IP address indication (Wa… bmanning
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… bmanning
- Re: [dnsext] Privacy in IP address indication (Wa… Eric Brunner-Williams
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ondřej Surý
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ondřej Surý
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Martin Barry
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Carlo Contavalli
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Paul Hoffman
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… John Payne
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- [dnsext] Incoherency for the greater good, etc., … Edward Lewis
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Martin Barry
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ted Hardie
- [dnsext] Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Brian Dickson
- Re: [dnsext] Privacy vs EDNS Client IP... Jim Reid
- [dnsext] EDNS client IP should be opt-in (Was: I-… Stephane Bortzmeyer
- [dnsext] Re: EDNS client IP should be opt-in (Was… Carlo Contavalli
- [dnsext] Re: EDNS client IP should be opt-in (Was… Ondřej Surý
- [dnsext] Re: EDNS client IP should be opt-in (Was… Stephane Bortzmeyer
- [dnsext] opt-in and draft-vandergaast-edns-client… Jim Reid
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… John Payne
- [dnsext] Re: I-D ACTION:draft-vandergaast-edns-cl… Stephane Bortzmeyer
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Jim Reid
- Re: [dnsext] opt-in and draft-vandergaast-edns-cl… Matthew Dempsky
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Nicholas Weaver
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Matthew Dempsky
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Eric Brunner-Williams
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Jim Reid
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Tony Finch
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Wilmer van der Gaast
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Nicholas Weaver
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Matthew Dempsky
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Ondřej Surý
- [dnsext] something for RFC2671-bis Jim Reid
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Nicholas Weaver
- [dnsext] EDNS behaviour and draft-vandergaast-edn… Jim Reid
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Wilmer van der Gaast
- Re: [dnsext] EDNS behaviour and draft-vandergaast… Nicholas Weaver
- Re: [dnsext] something for RFC2671-bis Michael Graff
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Michael Graff
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Michael Graff
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Matthew Dempsky
- [dnsext] Re: Privacy vs EDNS Client IP... Ted Hardie
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Michael Graff
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: EDNS client IP should be opt-in … Paul Vixie
- Re: [dnsext] Re: EDNS client IP should be opt-in … Wilmer van der Gaast
- Re: [dnsext] Re: EDNS client IP should be opt-in … Michael Graff
- Re: [dnsext] Re: EDNS client IP should be opt-in … Wilmer van der Gaast
- Re: [dnsext] Re: EDNS client IP should be opt-in … Michael Graff
- Re: [dnsext] Re: EDNS client IP should be opt-in … Nicholas Weaver
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… Mark Andrews
- [dnsext] Re: Privacy vs EDNS Client IP... Ted Hardie
- [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Wilmer van der Gaast
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Paul Vixie
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Matthew Dempsky
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] Re: I-D ACTION:draft-vandergaast-edn… Wilmer van der Gaast
- Re: [dnsext] Re: Privacy vs EDNS Client IP... William Allen Simpson
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Jacco Tunnissen
- RE: [dnsext] something for RFC2671-bis Greg Daley
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Paul Vixie
- Re: [dnsext] draft-vandergaast-edns-client-ip-00.… John Payne
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Nicholas Weaver
- Re: [dnsext] something for RFC2671-bis Jim Reid
- RE: [dnsext] something for RFC2671-bis Greg Daley
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Matthew Dempsky
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Matthew Dempsky
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- Re: [dnsext] Re: Privacy vs EDNS Client IP... bmanning
- Re: [dnsext] Re: Privacy vs EDNS Client IP... Alex Bligh