On Wed, 23 Apr 2014, Nicholas Weaver wrote:
> b: DO NOT USE PORT 53 for this: There are far far too many networks (1%+) that reinterpret DNS requests or just outright block all DNS to non-approved servers, and more still which block non-DNS over DNS.

Yes, I fully agree with this. It was a major objection for me to CurveDNS as well.

No, I fully disagree with this. Port 53 TCP has a much better chance at working these days than a random other newly assigned port.

I'll go get a comfort coffee now.....

Paul

ps. leaning towards "custom crypto that fits in DNS formats"