> On 01/04/2019 07:19, Alexander Mayrhofer wrote: > > I have some experience in creating drafts for "funny" EDNS0-options > > (RFC7830), so I'd volunteer :-P > Actually, that maybe raises a point. If use of DoT to secure recursive to > authoritative traffic also requires padding (and I can't see why that's > different from the stub-recursive situation), then presumably deployment of > this EDNS0-option is needed in any case, so does that imply that a new > option for signalling would actually be just as practical, in deployment > terms?
[AM] Hmm.. It's April 1st, so why not abuse the EDNS0 padding payload to convey certificate fingerprints? Oh, well, we excluded the use of Padding for unencrypted transport.. hmm. ;) Best, Alex _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
