We have no privacy expectations from DNS. We may have privacy expectations from DoH.
On Mon, Aug 20, 2018 at 10:36 PM, Paul Ebersman <ebersman@fafnir.local> wrote: > mellon> The rest of what you said is nice, but "we have to balance > mellon> theoretical risk versus sane and widespread deployment" is a > mellon> statement that sounds a lot better if we do the math. > > How is getting my DNS server that uses DOH worse than trusting the same > DHCP server to give DNS servers that use UDP? > > I'm still waiting for a decent answer on that. > > If it isn't worse, we're back to "why shouldn't this be done via DHCP"? > > I agree that a more secure DHCP would be better. But if we're not going > to be improving DHCP and most of the world still uses it, then it boils > down to that question "why is DOH via DHCP worse than just DNS via > DHCP"? >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
