On Jan 9, 2020, at 10:22 AM, Vladimír Čunát <vladimir.cunat+i...@nic.cz> wrote:

> I see a bigger problem that some of the desired assertions are in principle
> unverifiable, e.g. "no logging". Of course, we could (optionally) extend the
> string by a signature, but I suspect that'd increase the length a lot without
> sufficient gain in exchange.
The signature could be retrieved and validated separately from the stamp itself. For example, after getting the DNS stamp, retrieve a well-known DNS object (TXT, new RR, whatever) which is signed by the external entity. That would keep the signature short and keep the problem away from the signature.

With that, DoH could obtain the signature from the TLS certificate itself, if we wanted, rather than by retrieving a (DNS) object.

-d

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
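The separate-object scheme in the reply above, as an added example that is not part of the thread or of any DNS stamp implementation: the client keeps the stamp as-is, fetches a well-known TXT record for the resolver's hostname, and checks that an external auditor's signature covers both that exact stamp and the claims (e.g. "no-logging") the operator asserts. Everything beyond the reply's idea is an assumption made here: the `_stamp-attestation.<hostname>` owner name, the `v=stampatt1; claims=...; sig=...` TXT layout, Ed25519 as the signature algorithm, the auditor key derived from a constructed seed, and the placeholder stamp string. The DNS lookup is simulated with an in-memory map so the program runs offline.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// Constructed 32-byte seed for the auditor key pair. This is NOT a real key;
// a client would pin the auditor's public key out of band (or, for DoH, take
// the signature from the TLS certificate as the reply suggests).
var auditorSeed = []byte("dnsop-example-auditor-seed-00000")

// AuditorKeys derives the example auditor's key pair from the constructed seed.
func AuditorKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(auditorSeed)
	return priv.Public().(ed25519.PublicKey), priv
}

// Attestation is what the external entity vouches for: one specific stamp plus
// the operator claims it asserts (e.g. "no-logging").
type Attestation struct {
	Stamp  string
	Claims []string
}

// message is the canonical byte string the auditor signs. Binding the stamp
// into it stops an operator from re-using another resolver's signed claims.
func (a Attestation) message() []byte {
	return []byte("stamp=" + a.Stamp + "\nclaims=" + strings.Join(a.Claims, ","))
}

// SignTXT builds the TXT rdata the auditor publishes. The "v=stampatt1" field
// layout is invented for this example.
func SignTXT(a Attestation, priv ed25519.PrivateKey) string {
	sig := ed25519.Sign(priv, a.message())
	return fmt.Sprintf("v=stampatt1; claims=%s; sig=%s",
		strings.Join(a.Claims, ","), base64.StdEncoding.EncodeToString(sig))
}

// VerifyTXT checks a fetched TXT record against the stamp the client already
// holds and the pinned auditor public key. It returns only verified claims,
// so a caller never acts on unverified ones.
func VerifyTXT(stamp, txt string, pub ed25519.PublicKey) ([]string, error) {
	fields := map[string]string{}
	for _, kv := range strings.Split(txt, ";") {
		k, v, ok := strings.Cut(strings.TrimSpace(kv), "=")
		if !ok {
			return nil, fmt.Errorf("malformed field %q", kv)
		}
		fields[k] = v
	}
	if fields["v"] != "stampatt1" {
		return nil, errors.New("unknown attestation version")
	}
	sig, err := base64.StdEncoding.DecodeString(fields["sig"])
	if err != nil || len(sig) != ed25519.SignatureSize {
		return nil, errors.New("missing or malformed signature")
	}
	claims := strings.Split(fields["claims"], ",")
	a := Attestation{Stamp: stamp, Claims: claims}
	if !ed25519.Verify(pub, a.message(), sig) {
		return nil, errors.New("signature does not cover this stamp and claim set")
	}
	return claims, nil
}

// WellKnownName is the (hypothetical) owner name a client queries for the
// attestation of a resolver hostname.
func WellKnownName(hostname string) string {
	return "_stamp-attestation." + hostname
}

func main() {
	pub, priv := AuditorKeys()
	// Constructed placeholder: the stamp is opaque to this scheme and only
	// needs to match byte-for-byte between signer and verifier.
	stamp := "sdns://EXAMPLE-PLACEHOLDER-STAMP"
	txt := SignTXT(Attestation{Stamp: stamp, Claims: []string{"no-logging", "dnssec"}}, priv)

	// Stand-in for the DNS lookup of the well-known name (no network here).
	zone := map[string]string{WellKnownName("resolver.example"): txt}

	claims, err := VerifyTXT(stamp, zone[WellKnownName("resolver.example")], pub)
	fmt.Println("valid record:", claims, err)

	// An operator editing the published claims invalidates the signature.
	tampered := strings.Replace(txt, "no-logging", "no-filter", 1)
	_, err = VerifyTXT(stamp, tampered, pub)
	fmt.Println("tampered record:", err)
}
```

The stamp stays short because the TXT record, not the stamp, carries the signature; the client pays one extra lookup per resolver. Note that this only proves the auditor signed the claims; whether "no logging" is actually true remains the auditor's problem, which is the unverifiability point raised in the quoted message.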