> On Nov 21, 2018, at 15:17, Christian Huitema <[email protected]> wrote:
>
> You make it sound like some aggressive attack, but it is a trade-off.
> The IETF is working to enhance the privacy of DNS users, and the
> authenticity of DNS responses. Doing so inevitably affects the
> operations that relied on the lack of privacy or lack of security of DNS
> operations.

The irony is that this work is operationally destabilizing to the Internet and Telecom. We’re moving to an environment where the strength of a resilient ASN recovering communications in a disaster will be tested over and over again. How will an ASN keep critical services on-line when they are disconnected from the “cloud,” disconnected from their upstream, and now “disconnected from the DNS resolution path”?

Exasperated customer calling after a hurricane, “ISP customer service, I need to get to emergency services, but my app will not work.” The ISP responds with “sorry, that app will not work in a situation where we’re struggling with emergency services.”

The “trade off” to move the DNS architecture away from residents to privacy is going to get people killed. For those who think I’m being harsh, please go volunteer some time during a communications recovery operation. Go see what happens during/after a hurricane, flood, or one of the many other increasingly chaotic environmental consequences.
