Re: [DNSOP] my dnse vision
Tony Finch <dot@dotat.at> Wed, 05 March 2014 11:43 UTC
Return-Path: <fanf2@hermes.cam.ac.uk>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E5F51A0462 for <dnsop@ietfa.amsl.com>; Wed, 5 Mar 2014 03:43:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.447
X-Spam-Level:
X-Spam-Status: No, score=-2.447 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.547] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A9MndA1JI0ds for <dnsop@ietfa.amsl.com>; Wed, 5 Mar 2014 03:43:19 -0800 (PST)
Received: from ppsw-41.csi.cam.ac.uk (ppsw-41-v6.csi.cam.ac.uk [IPv6:2001:630:212:8::e:f41]) by ietfa.amsl.com (Postfix) with ESMTP id 0F33D1A0484 for <dnsop@ietf.org>; Wed, 5 Mar 2014 03:43:18 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://www.cam.ac.uk/cs/email/scanner/
Received: from [31.76.20.219] (port=56235) by ppsw-41.csi.cam.ac.uk (smtp.hermes.cam.ac.uk [131.111.8.157]:587) with esmtpsa (PLAIN:fanf2) (TLSv1:AES128-SHA:128) id 1WLAE3-0007zf-Ry (Exim 4.82_3-c0e5623) (return-path <fanf2@hermes.cam.ac.uk>); Wed, 05 Mar 2014 11:43:11 +0000
References: <201403051107.s25B7ext069332@givry.fdupont.fr> <00de01cf3864$ec8f67e0$c5ae37a0$@rozanak.com>
Mime-Version: 1.0 (1.0)
In-Reply-To: <00de01cf3864$ec8f67e0$c5ae37a0$@rozanak.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <92ED94BD-5D64-430E-9F92-24AAC0BA47E1@dotat.at>
X-Mailer: iPhone Mail (11B651)
From: Tony Finch <dot@dotat.at>
Date: Wed, 05 Mar 2014 11:42:56 +0000
To: Hosnieh Rafiee <ietf@rozanak.com>
Sender: Tony Finch <fanf2@hermes.cam.ac.uk>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/irDg4eMrDFAFG-QG5KMlb7OSTOA
Cc: "<dnsop@ietf.org>" <dnsop@ietf.org>
Subject: Re: [DNSOP] my dnse vision
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Mar 2014 11:43:21 -0000
> On 5 Mar 2014, at 11:20, "Hosnieh Rafiee" <ietf@rozanak.com> wrote: > > Why don't we need confidentiality with open resolvers like google? > One might not like that anybody on his/her network knows what he is > browsing. This is a part of privacy. Right. Encrypting to distant resolvers has to be at least as important as local ones. The usual argument against encryption does not apply since there will be eavesdroppers who cannot also see the user's non-DNS traffic. I think dnse is important because it removes an obstacle to putting interesting data in the DNS. At the moment your DNS traffic might reveal that you are doing email but not who with. If your MUA starts looking up PGP or S/MIME keys then privacy becomes a lot more important. Email is just an example; I am sure there are other really interesting uses for a more secure DNS. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/
- Re: [DNSOP] my dnse vision Tim Wicinski
- Re: [DNSOP] my dnse vision Hosnieh Rafiee
- Re: [DNSOP] my dnse vision Miek Gieben
- Re: [DNSOP] my dnse vision Francis Dupont
- Re: [DNSOP] my dnse vision Tony Finch
- Re: [DNSOP] my dnse vision Dan York
- Re: [DNSOP] my dnse vision Tony Finch
- Re: [DNSOP] my dnse vision Olafur Gudmundsson
- Re: [DNSOP] my dnse vision Tim Wicinski
- Re: [DNSOP] my dnse vision Francis Dupont
- [DNSOP] my dnse vision Francis Dupont
- [DNSOP] QUIC for DNS confidentiality (Was: my dns… Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Francis Dupont
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Jelte Jansen
- Re: [DNSOP] my dnse vision Olafur Gudmundsson
- Re: [DNSOP] my dnse vision Wessels, Duane
- Re: [DNSOP] my dnse vision Tony Finch
- Re: [DNSOP] QUIC for DNS confidentiality (Was: my… Tim Wicinski
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Jelte Jansen
- Re: [DNSOP] deploying security Francis Dupont
- Re: [DNSOP] my dnse vision Evan Hunt
- Re: [DNSOP] my dnse vision Hosnieh Rafiee
- Re: [DNSOP] my dnse vision Stephane Bortzmeyer
- Re: [DNSOP] my dnse vision Evan Hunt
- Re: [DNSOP] my dnse vision Tony Finch
- Re: [DNSOP] my dnse vision Phillip Hallam-Baker
- Re: [DNSOP] my dnse vision Tony Finch
- Re: [DNSOP] my dnse vision Phillip Hallam-Baker
- Re: [DNSOP] my dnse vision Tony Finch
- Re: [DNSOP] my dnse vision Mark Andrews