> -----Original Message-----
> From: Paul Vixie [mailto:p...@redbarn.org]
> Sent: Thursday, April 24, 2014 12:11 AM
> To: Dan Wing
> Cc: dnsop@ietf.org; dns-priv...@ietf.org; Prashanth Patil (praspati);
> Tirumaleswar Reddy (tireddy)
> Subject: Re: [DNSOP] DNS over DTLS (DNSoD)
>
> for reasons well-spoken up-thread, if we're going to add a dns transport,
> i'd like it to be RFC 6013 style TCP (in which session context can be
> compressed and retained after FIN for full-window-size restart, and which
> permits the query to be bundled into the SYN packet), or at a minimum, SCTP.

SCTP has problems with firewall and NAT traversal, hence WebRTC is using SCTP over DTLS over DNS (http://tools.ietf.org/html/draft-ietf-rtcweb-data-channel-08). DNSoD does not require server-side DTLS state; this is achieved by the server sending a ticket to the DTLS client using the mechanism explained in RFC 5077.

-Tiru

> DTLS does not solve any of the problems described at
> <https://queue.acm.org/detail.cfm?id=2578510>.
>
> vixie

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop