Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertola-bcp-doh-clients
"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Tue, 12 March 2019 15:51 UTC
Return-Path: <TirumaleswarReddy_Konda@mcafee.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42C0C130E77; Tue, 12 Mar 2019 08:51:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BSZF3xS_v6eB; Tue, 12 Mar 2019 08:51:31 -0700 (PDT)
Received: from DNVWSMAILOUT1.mcafee.com (dnvwsmailout1.mcafee.com [161.69.31.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25C51130E46; Tue, 12 Mar 2019 08:51:31 -0700 (PDT)
X-NAI-Header: Modified by McAfee Email Gateway (5500)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=s_mcafee; t=1552405685; h=From: To:CC:Subject:Thread-Topic:Thread-Index:Date: Message-ID:References:In-Reply-To:Accept-Language: Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: dlp-product:dlp-version:dlp-reaction:authentication-results: x-originating-ip:x-ms-publictraffictype:x-ms-office365-filtering-correlation-id: x-microsoft-antispam:x-ms-traffictypediagnostic: x-ms-exchange-purlcount:x-microsoft-exchange-diagnostics: x-microsoft-antispam-prvs:x-forefront-prvs: x-forefront-antispam-report:received-spf:x-ms-exchange-senderadcheck: x-microsoft-antispam-message-info:Content-Type: MIME-Version:X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype: X-MS-Exchange-Transport-CrossTenantHeadersStamped: X-OriginatorOrg:X-NAI-Spam-Flag:X-NAI-Spam-Threshold: X-NAI-Spam-Score:X-NAI-Spam-Version; bh=5 9AiTEiS4+9MT3ZAI2wccHo//QZqzSgpDVxQCAJSxE w=; b=T85NLJlkt/opAmwNP58D4Fnhy78pzIoA+CUBdJET/Sx4 yRpunRTOj+802Jmqi5Qo9CLrEcjnM/aXtfSox7xHzAmwpRuqD/ DnI78i9E82g0FD3NLjfizinDhwOW41kwMO3OFv20FezT0Mxtot 8S1rmLztpaixxE6z9Z0UCpNj/84=
Received: from DNVEXAPP1N05.corpzone.internalzone.com (unknown [10.44.48.89]) by DNVWSMAILOUT1.mcafee.com with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-SHA384) id 071f_ae20_24fbe854_7a6d_48c0_b88c_71918a126796; Tue, 12 Mar 2019 09:48:04 -0600
Received: from DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 12 Mar 2019 09:50:42 -0600
Received: from DNVO365EDGE1.corpzone.internalzone.com (10.44.176.66) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1395.4 via Frontend Transport; Tue, 12 Mar 2019 09:50:42 -0600
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (10.44.176.240) by edge.mcafee.com (10.44.176.66) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Tue, 12 Mar 2019 09:50:39 -0600
Received: from BYAPR16MB2790.namprd16.prod.outlook.com (20.178.233.91) by BYAPR16MB2454.namprd16.prod.outlook.com (20.177.226.217) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1686.19; Tue, 12 Mar 2019 15:50:39 +0000
Received: from BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::9c48:452b:e39c:ef39]) by BYAPR16MB2790.namprd16.prod.outlook.com ([fe80::9c48:452b:e39c:ef39%2]) with mapi id 15.20.1709.011; Tue, 12 Mar 2019 15:50:39 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: Eric Rescorla <ekr@rtfm.com>
CC: "doh@ietf.org" <doh@ietf.org>, "dnsop@ietf.org" <dnsop@ietf.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>, Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [Doh] [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients
Thread-Index: AQHU2C+f7jidn2WHF0WeuF/A93J/OKYGu6uAgAA7DwCAASpAQA==
Date: Tue, 12 Mar 2019 15:50:39 +0000
Message-ID: <BYAPR16MB2790E12D58E5ED2F58355CCDEA490@BYAPR16MB2790.namprd16.prod.outlook.com>
References: <1700920918.12557.1552229700654@appsuite.open-xchange.com> <7667c4d7-2e78-0a27-84af-cf1c00fd4897@cs.tcd.ie> <1991054337.12802.1552259263075@appsuite.open-xchange.com> <eea64b30-aad0-a030-5360-1b1484f1d0e3@huitema.net> <CAPsNn2WhjHSEHJUEL8GB6X0d24fkajgPnY4YgkOQbXjyxb5q8Q@mail.gmail.com> <e62efaf3-4a35-4a52-5ed4-dee2e7fafe72@huitema.net> <69f989ba-0939-b917-b586-9e3af3fb8b74@redbarn.org> <CAPsNn2XNCzgAdfJtxBVboAe+d6sbCiV2fZv9185wm+HN+3zRdg@mail.gmail.com> <BYAPR16MB279065EE519680E7FC9A637CEA480@BYAPR16MB2790.namprd16.prod.outlook.com> <CAPsNn2Up1AtJJCdmu_9NC4jfzc-8dtE+QjUzRxMBUwaN44gvOg@mail.gmail.com> <76386691-c1aa-c48a-9b0d-67eb36a08a4f@redbarn.org> <CABcZeBOWM0Ps-j3V-CK6VPy0LAqeo7-t7odUZy+dk9d-oCSDsg@mail.gmail.com>
In-Reply-To: <CABcZeBOWM0Ps-j3V-CK6VPy0LAqeo7-t7odUZy+dk9d-oCSDsg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.2.0.6
dlp-reaction: no-action
authentication-results: spf=none (sender IP is ) smtp.mailfrom=TirumaleswarReddy_Konda@McAfee.com;
x-originating-ip: [49.37.203.5]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b568b25b-9e1c-4579-4e6f-08d6a7027a17
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:BYAPR16MB2454;
x-ms-traffictypediagnostic: BYAPR16MB2454:
x-ms-exchange-purlcount: 3
x-microsoft-exchange-diagnostics: 1;BYAPR16MB2454;23:0ljHHhHmXtsrXOGCSI7/GINRxGPUFBGolo7XddxG4ukWsp7hoc7HiSXIX9ytiRaOlJ6/Yt7xMVMhTrbO2YLo5gONYfaDyhlNwalC5Ngw4fDXgydU9AZVVDNuxI2she/CByjUS2NDLpKRfykzZAaQmrSKLvycn5hDWdK1OcXBcBjOMoJvQQgdxRX+Zxavd75H7vcGJc1N6E/XVdMQibZUhGeAqXJlee6ddmQOJ7zj/EXMpU2WtUug9Eyv6xIQbo376hs2na1Aj6WZveDwH1ih91Im9qf5Fmfr5WYc9IZEfHphNPQAnQbGAB0ayLNXI1o3bwJmCQEDIGhPu3qZnCcPIH/QSp+UwF+QJNGX+hx2m3STLjhuKPglDaNuXr7AOLlMjNduRv7j8YOkRztCNd5ikO1HoL5wCazqHFwabGrF3MWB2/rptKf1clyQtBQ/4/KVEFZvKdwya/xZlcJ8ErD1K/IVGY5C5fhW1122TuNtRxQZscgr7docILq/eioenx9zVH+J1DQn4qyZtoMuuqCKeW6mMQkuWi2nL+2TrGZVdBEARjGHxQEAwh4gtXW6g1Lopsh0Eah6McaN6e/4DYisZbRM5X+G89PAi/CtJ/WI64XWbRynXSuQwxhvE9KDk1G3qSxhVR3iRlu4ary0bsrlxKovk0gAi2/WIQwr7YkILkXkWnarESEFpBqmHk3jdliz4hUmKwnx+cMok1ftXsSjcqX1SaftHfQpK6dr5YeXoQZZxG/Y+VxFd6dYLOeHt0YVW0VDNgPUQBORZIW9pnIaEqwrlFyOj47G07vw/lxEcb3IyjAaJcSX07YlpfGpYhOXjbo2+Dd9nw4+oc3Csni4PsY+buZeGW6WFIXYgJAozu6Xy9uVFeBDZ5WdzUA12xFiGZqX0r9k8APB/hVZ96bij/pBp65hXKLBue9eM9nERgNUJewYKBntXKb2WNUf3tVdBGjca3tZS+epzBBwLQ/VZ4AW5E03EiS8Q1NIOY5ozh1nz3+Kf2WJqEtntCZn+/pz7wOD+XfgxBjs6x3edUoWpad9L2wqxk+4tx8AxxVSjXUbx+5u4pWpWYe516FaTJqKw3FNqInA+kzZayZR/i95+sVXwf9tp0zKA0Vr2Px4AnNRjzdrnlh2r1J9KQx3sDSxhGdAILc+EFHr7gOnLCxe+9TdQfcU/zOQPwtYrqCr2Jlx5Dtwaho3K2bB+KpB9AyR5XmBWw6tyWIGYMn9ULEGlYgfpHoZ/X+C3KtS1EaWZpyE1n6eMqrxkl4BjSMNeFeAucu2vh7qIf/r5Xfwo0v8APgpLDgsrZO2rE7UtBxzU5v6ERSfmDiyR02Z2R+ZNeqbXbbNwsKum636so5+BqRRayFGYZ65okquVLtSeKiTyS2Cq0L+v1MWUKvFbPWnBWLj1re0pUPSuXp4ZRs0mjQ9UELs8/QliiFAfLasdnbaZ+Gm4J4TE6MJtIVltRvRmiOnr55ejXM8HumjSy5voJuDPsWfA4cBNIY0PK3FKDRIXqO1op5d4eqfP+1TNPZHmzWvUwIrzxKe69D8ryYCyCTHZLx6ORc+sJok4zzrAVCp9wo2CBi8FLp7EYQOWpPRqp7UajTFcUWQPpeiVFsvu75DzA==
x-microsoft-antispam-prvs: <BYAPR16MB2454E4442993AB8BC2F4B8B8EA490@BYAPR16MB2454.namprd16.prod.outlook.com>
x-forefront-prvs: 09749A275C
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6019001)(39860400002)(376002)(346002)(396003)(366004)(136003)(269900001)(189003)(199004)(54094003)(32952001)(99286004)(3846002)(966005)(476003)(66066001)(5024004)(9686003)(26005)(7696005)(68736007)(14444005)(6916009)(33656002)(6116002)(7736002)(106356001)(76176011)(186003)(5660300002)(105586002)(80792005)(6506007)(72206003)(53546011)(102836004)(790700001)(74316002)(229853002)(6246003)(316002)(6306002)(55016002)(54896002)(4326008)(53936002)(93886005)(6436002)(2906002)(8936002)(446003)(236005)(54906003)(14454004)(71200400001)(71190400001)(86362001)(8676002)(478600001)(9326002)(486006)(81156014)(52536013)(81166006)(97736004)(606006)(11346002)(25786009)(256004)(85282002)(256605007)(16193025007); DIR:OUT; SFP:1101; SCL:1; SRVR:BYAPR16MB2454; H:BYAPR16MB2790.namprd16.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: McAfee.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: oVGywpr25VU3Vte4Gw08ZurrSEctCBrQnK1fxESMWq2ShZCvQ15Hky53vyqGBh0zkh7P89CDvIZKub+opEbD9h8oAkpgxj4HsZYXwYENlMIkSRQB/4FGD/gIlouEtFM25I/51ZkFlRs4kkvdJnAywAhpkP/aavzQLQEAP0T5HXqC2OgoRoDK+afQnPgOIpx9ZXXymfOlRBSxf9ITSd5xvOq6mjZGeNgxVFrzQe/IBdjPUFxljhSZ7NEiY/CsCpgTc8y0Qgz/FBrZk01KDYiqDXuj2aG1netvLJAC+m3ECSI9mtRi6p3TcHfbfnZt3qSiQ9cFgeBqqtg3Oas8azDRvXTVVkyC/vAAdMSZQLSyCA+B5dPVslK+IozjjKddyj7Ov4r9cd5EmzTpfn3TRNxf7in+dQyDw1jrArJ9z2VcMZw=
Content-Type: multipart/alternative; boundary="_000_BYAPR16MB2790E12D58E5ED2F58355CCDEA490BYAPR16MB2790namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: b568b25b-9e1c-4579-4e6f-08d6a7027a17
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Mar 2019 15:50:39.7843 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR16MB2454
X-OriginatorOrg: mcafee.com
X-NAI-Spam-Flag: NO
X-NAI-Spam-Threshold: 15
X-NAI-Spam-Score: 0
X-NAI-Spam-Version: 2.3.0.9418 : core <6501> : inlines <7032> : streams <1815502> : uri <2811454>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/mSdEIjTElDu2q21DO959l1O4f4o>
Subject: Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertola-bcp-doh-clients
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 15:51:36 -0000
Hi Eric, In TLS 1.2, it is possible for firewalls to inspect the TLS handshake, and white-list, black-list and grey-list TLS session based on the server identity. In other words, middleboxes are conditionally acting as TLS proxies to specific servers (categorized in the grey-list). With TLS 1.3 and encrypted SNI, the middle box now has to act as a TLS proxy for all the flows. -Tiru From: Eric Rescorla <ekr@rtfm.com> Sent: Tuesday, March 12, 2019 3:14 AM To: Paul Vixie <paul@redbarn.org> Cc: nalini elkins <nalini.elkins@e-dco.com>; Konda, Tirumaleswar Reddy <TirumaleswarReddy_Konda@McAfee.com>; doh@ietf.org; dnsop@ietf.org; Ackermann, Michael <mackermann@bcbsm.com>; Christian Huitema <huitema@huitema.net>; dns-privacy@ietf.org; Vittorio Bertola <vittorio.bertola=40open-xchange.com@dmarc.ietf.org>; Stephen Farrell <stephen.farrell@cs.tcd.ie> Subject: Re: [Doh] [dns-privacy] [DNSOP] New: draft-bertola-bcp-doh-clients CAUTION: External email. Do not click links or open attachments unless you recognize the sender and know the content is safe. ________________________________ On Mon, Mar 11, 2019 at 11:13 AM Paul Vixie <paul@redbarn.org<mailto:paul@redbarn.org>> wrote: nalini elkins wrote on 2019-03-11 10:26: > Tiru, > > Thanks for your comments. > > > Enterprise networks are already able to block DoH services, i wonder if everyone here knows that TLS 1.3 and encrypted headers is going to push a SOCKS agenda onto enterprises that had not previously needed one, I'm pretty familiar with TLS 1.3, but I don't know what this means. TLS 1.3 doesn't generally encrypt headers any more than TLS 1.2 did, except for the content type byte, which isn't that useful for inspection anyway. Are you perchance referring to encrypted SNI? Something else? -Ekr and that simply blocking every external endpoint known or tested to support DoH will be the cheaper alternative, even if that makes millions of other endpoints at google, cloudflare, cisco, and ibm unreachable as a side effect? CF has so far only supported DoH on 1.1.1.0/24<http://1.1.1.0/24> and 1.0.1.0/24<http://1.0.1.0/24>, which i blocked already (before DoH) so that's not a problem. but if google decides to support DoH on the same IP addresses and port numbers that are used for some API or web service i depend on, that web service is going to be either blocked, or forced to go through SOCKS. this will add considerable cost to my network policy. (by design.) -- P Vixie _______________________________________________ Doh mailing list Doh@ietf.org<mailto:Doh@ietf.org> https://www.ietf.org/mailman/listinfo/doh
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… nalini elkins
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Christian Huitema
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… nalini elkins
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Paul Vixie
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… nalini elkins
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Christian Huitema
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Paul Vixie
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Konda, Tirumaleswar Reddy
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… nalini elkins
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Eliot Lear
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… nalini elkins
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Daniel Stenberg
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Brian Dickson
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Eric Rescorla
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Stephen Farrell
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… nalini elkins
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Stephen Farrell
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Konda, Tirumaleswar Reddy
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Neil Cook
- Re: [DNSOP] [EXTERNAL] Re: [dns-privacy] [Doh] Ne… Winfield, Alister
- Re: [DNSOP] [EXTERNAL] [dns-privacy] [Doh] New: d… Eliot Lear
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Konda, Tirumaleswar Reddy
- Re: [DNSOP] [dns-privacy] [EXTERNAL] [Doh] New: d… Konda, Tirumaleswar Reddy
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Stephane Bortzmeyer
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Stephane Bortzmeyer
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Stephane Bortzmeyer
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Stephane Bortzmeyer
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Neil Cook
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Eric Rescorla
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Stephane Bortzmeyer
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Jim Reid
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Ralf Weber
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Neil Cook
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Jim Reid
- Re: [DNSOP] [dns-privacy] [EXTERNAL] [Doh] New: d… Eliot Lear
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Christian Huitema
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Yishai Beeri (yishaib)
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Michael Sinatra
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Yishai Beeri (yishaib)
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Brian Dickson
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Mark Andrews
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Paul Wouters
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Paul Wouters
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Stephen Farrell
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Vittorio Bertola
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… nalini elkins
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Vittorio Bertola
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Raymond Burkholder
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Christian Huitema
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Vittorio Bertola
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Eliot Lear
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Konda, Tirumaleswar Reddy
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Christian Huitema
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Brian Haberman
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Livingood, Jason
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Christian Huitema
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Brian Dickson
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Stephen Farrell
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Brian Dickson
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Stephen Farrell
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Michael Sinatra
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Stephen Farrell
- Re: [DNSOP] [Doh] [dns-privacy] New: draft-bertol… Adam Roach
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Michael Sinatra
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Ted Lemon
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Bob Harold
- Re: [DNSOP] [dns-privacy] [Doh] New: draft-bertol… Paul Vixie
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… william manning
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Watson Ladd
- Re: [DNSOP] [dns-privacy] New: draft-bertola-bcp-… Paul Vixie