Hi Paul, > On 11 Mar 2019, at 19:12, Paul Vixie <p...@redbarn.org> wrote: > > > > nalini elkins wrote on 2019-03-11 10:26: >> Tiru, >> Thanks for your comments. >> > Enterprise networks are already able to block DoH services, > i wonder if everyone here knows that TLS 1.3 and encrypted headers is going > to push a SOCKS agenda onto enterprises that had not previously needed one, > and that simply blocking every external endpoint known or tested to support > DoH will be the cheaper alternative, even if that makes millions of other > endpoints at google, cloudflare, cisco, and ibm unreachable as a side effect?
That or it will require a bit more management at the MDM level. I’m hoping the latter. And I hope that one output of all of these documents will be a recommendation regarding MDM interfaces. Eliot
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
