On Mon, Mar 11, 2019 at 11:06 AM Paul Vixie <p...@redbarn.org> wrote:
> > DoH will moot that approach. > Any system that actually checks the credentials presented by the responding server will also moot that approach. Given how easy it is to pin credential characteristics in applications distributed as binaries, this seems to mean that your method will either continue to permit applications other than browsers to use their own resolution systems or it will hard fail all such applications it can identify. No pass through will work, as far as I can tell, in that scenario. Perhaps, though, I am missing something about your intent. Ted Hardie -- > P Vixie > >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
