On Tue, 24 Mar 2015, Jan Včelák wrote:
The contents of zones quickly becomes visible, what with passive DNS,
DITL, people who connect in place X, and then reopen their laptop in
place Y, etc.
I know and I completely agree.
On the other hand, there are efforts (DPRIVE) to make this data
collection more difficult.
Not quite. DPRIVE is about anonymity of the querier, not anonymity of
the zone data. As per Charter:
The primary focus of this Working Group is to develop mechanisms that
provide confidentiality between DNS Clients and Iterative Resolvers,
but it may also later consider mechanisms that provide confidentiality
between Iterative Resolvers and Authoritative Servers, or provide
end-to-end confidentiality of DNS transactions.
Paul
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
