Right, that's the second trust model. It's incompatible with the first trust model. Did you see the message earlier to day where I described these trust models?
On Sun, Aug 19, 2018 at 4:04 PM, Paul Ebersman <list-dn...@dragon.net> wrote: > mellon> Think about DHCP providing an SMTP server address. Does that > mellon> make sense? > > That doesn't. But DHCP already hands out DNS servers. You are already > trusting the DHCP server to give you default gateway and DNS server (or > you are choosing not to use DHCP). > > Take the use case of coffee house or wireless hotspot. I think that it > would be an improvement of privacy to not allow anyone there to sniff > DNS packets because the owner of the network uses DOH for their > recursive resolver. I'm already trusting the network for default gateway > and most users would trust the DNS servers handed via DHCP. So no huge > new leap of trust and improved privacy. Seems like a win. > > Why not allow network operators that option via a new DHCP option? You > don't have to use it but it would be a good choice for some. > >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
