Re: [Doh] WGLC #2

Patrick McManus <pmcmanus@mozilla.com> Wed, 23 May 2018 21:57 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/QVPnfF13WVO0-wsqJfZxUPgANw4>

On Wed, May 23, 2018 at 5:53 PM, Tom Pusateri <pusateri@bangj.com> wrote:

>
>  -DNS API client MUST only use a DNS API server that is configured as
> trustworthy.
>
>
> How do you define trustworthy? This seems like it would vary for different
> clients and servers in different environments.
>


That paragraph says you do it through the configuration. That's not being
changed here.

The addition describes, briefly, that verification of the identity of the
trusted service is something HTTPS does.