This wording in RFC9250 was deliberate. It was discussed in details when
the RFC was written. The current text correctly reflects the result of
these discussions.
-- Christian Huitema
On 4/4/2024 6:38 PM, RFC Errata System wrote:
The following errata report has been submitted for RFC9250,
"DNS over Dedicated QUIC Connections".
--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7883
--------------------------------------
Type: Technical
Reported by: Lyra Naeseth <l...@omg.lol>
Section: 7.5
Original Text
-------------
Implementations SHOULD use the mechanisms defined in Section 5.4 to
mitigate this attack.
Corrected Text
--------------
Implementations MUST use the padding mechanisms defined in Section 5.4
to mitigate this attack.
Notes
-----
Section 5.4 states that "[i]mplementations MUST protect against the traffic analysis attacks described in Section
7.5", but Section 7.5 describes that obligation as a "SHOULD". "MUST" is correct, and the
inconsistent "SHOULD" in Section 7.5 is an error.
Instructions:
-------------
This erratum is currently posted as "Reported". (If it is spam, it
will be removed shortly by the RFC Production Center.) Please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
will log in to change the status and edit the report, if necessary.
--------------------------------------
RFC9250 (draft-ietf-dprive-dnsoquic-12)
--------------------------------------
Title : DNS over Dedicated QUIC Connections
Publication Date : May 2022
Author(s) : C. Huitema, S. Dickinson, A. Mankin
Category : PROPOSED STANDARD
Source : DNS PRIVate Exchange
Stream : IETF
Verifying Party : IESG
_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
