Re: [Resolverless-dns] 103 Unofficial Side-meeting Notes

Dave Lawrence <tale@dd.org> Wed, 07 November 2018 13:51 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/resolverless-dns/ZSFOxn1A47r1NFxS-Ob_1VI5wMk>

Ben Schwartz writes:
> This still seems like the most promising option to me, particularly
> because it preserves the DNS defense against stolen key attacks.

It also keeps things well within our existing model of understanding
delegation of authority for Internet resources without relying on
third parties.  As a side benefit, maybe this is also another kick in
the pants for DNSSEC adoption.

> > Supercookies
> 
> Everybody should check out https://dnscookie.com/ for a demo of
> this.

ERR_CONNECTION_REFUSED