Or, you have malware trying to bypass DNS checks. Craig Finseth
> On Aug 19, 2018, at 11:43, Doug Barton <do...@dougbarton.us> wrote:
>
>> On 08/18/2018 06:08 PM, Ted Lemon wrote:
>> The thing is that most devices don't connect to just one network. So while
>> your devices on your network can certainly trust port 853 on your network,
>> when they roam to other networks, they have no reason to trust it. If you
>> have devices that never roam to other networks, that's fine, but we have to
>> design for the more general case. There's no way with DHCP for the device
>> to tell that it's connected to a particular network, other than matching IP
>> addresses, which isn't a great idea.
>
> Ted,
>
> I'd like to turn your question back to you. What threat model are you
> protecting the user from by not allowing a DHCP option to use a DOH or DOT
> server?
>
> It seems to me that in the overwhelming majority of cases (near 100%) the
> user is going to get their local resolver from the DHCP server, whether they
> are on a trusted network (like work or home), or roaming at Eve's Coffee Shop.
>
> So either you have a sophisticated user who has preconfigured their own
> resolver and ignores the DHCP setting, or you have the typical user who
> doesn't understand how any of this stuff works, and therefore has implicit
> "trust" regarding the local network and the settings from the DHCP server.
>
> Given that (and feel free to tell me if I've missed something), what harm can
> come to the user if the resolver that they are already trusting can also be
> accessed over DOH or DOT?
>
> Doug
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop