Re: [Mud] changes to draft-richardson-opsawg-mud-iot-dns-considerations-03.txt

tirumal reddy <kondtir@gmail.com> Mon, 28 September 2020 06:52 UTC

From: tirumal reddy <kondtir@gmail.com>
Date: Mon, 28 Sep 2020 12:22:37 +0530
Message-ID: <CAFpG3gduUBhNDQOO3mR1_cmyuw5Lo26bYP_mgutKwUVeN1TMug@mail.gmail.com>
To: Eliot Lear <lear@cisco.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, opsawg <opsawg@ietf.org>, mud@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/mud/QDcXwHbEZ_7W4AfpTZJ_kH22lyY>

On Sat, 26 Sep 2020 at 14:39, Eliot Lear <lear@cisco.com> wrote:

> Hi Tiru
>
> On 26 Sep 2020, at 09:39, tirumal reddy <kondtir@gmail.com> wrote:
>
> In the home network use case, if the CPE does not support an encrypted DNS
> forwarder, the endpoint will discover and use the ISP encrypted DNS recursive
> server. The CPE will no longer be able to enforce MUD rules. For instance,
> Firefox can discover and use Comcast Encrypted DNS recursive server, see
> https://tools.ietf.org/id/draft-rescorla-doh-cdisco-00.html.
>
>
>
> Not necessarily.  That is a matter of signaling between the CPE and the
> ISP.
>

No, the special use domain name (SUDN) does not require any update to the
CPE. The signaling from the endpoint is resolved by the ISP DNS recursive
server, and it is not between the CPE and the ISP.

-Tiru

>
> Eliot
>