Re: [DNSOP] DNSng-ish (was Re: key lengths for DNSSEC)

Phillip Hallam-Baker <hallam@gmail.com> Thu, 03 April 2014 03:24 UTC

Date: Wed, 02 Apr 2014 23:24:38 -0400
Message-ID: <CAMm+LwheDGtS=dmdkwscR5J=PT4GhqV-Kg6qLhy3=5bc3EpgvA@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Andrew Sullivan <ajs@anvilwalrusden.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/Yk16QkhOpU7Od57_3W7Lz2mtw7M
Cc: "dnsop@ietf.org" <dnsop@ietf.org>
Subject: Re: [DNSOP] DNSng-ish (was Re: key lengths for DNSSEC)

On Wed, Apr 2, 2014 at 10:48 PM, Andrew Sullivan <ajs@anvilwalrusden.com> wrote:

> On Wed, Apr 02, 2014 at 09:07:07PM -0400, Phillip Hallam-Baker wrote:
> > 1) Client -> Resolver
>
> > Changing 1 is the easiest and also the part that is most in need.
>
> From where I sit, that project appears to reduce to roughly "upgrade
> all the computers on Earth."  It may be that we do not have a common
> meaning of "easiest".  Perhaps you could say more.
>

Nope, just the gateway devices and the main DNS servers.

Legacy DNS over raw UDP will be around for decades to come. But DNS over a
privacy protected transport is quite viable.

The privacy issues are most acute at the network gateway device, the
firewall or the WiFi router.


Privacy protection plus anti-censorship protection is in big demand right
now.

-- 
Website: http://hallambaker.com/