Re: [DNSOP] extension of DoH to authoritative servers

"Henderson, Karl" <KHenderson@verisign.com> Thu, 14 February 2019 23:17 UTC

From: "Henderson, Karl" <KHenderson@verisign.com>
To: "dnsop@ietf.org" <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/7hUq82aAHhw9b9bfjcbCpq0MqlE>

As we discussed during the interim dprive meeting held last December, we need more empirical studies looking at performance as well as attack vectors. I’m aware of Sinodun’s efforts in this area but are there others that address performance and attack vectors specifically for both DoT and DoH at the authoritative?