On Sun, Oct 6, 2024 at 9:09 AM Paul Wouters <paul.wout...@aiven.io> wrote:
> [kind of off-topic here, and also speaking as just an individual]
>
> On Fri, Oct 4, 2024 at 3:28 PM Erik Nygren <erik+i...@nygren.org> wrote:
>
>> On Fri, Oct 4, 2024 at 3:20 PM Stephen Farrell <stephen.farr...@cs.tcd.ie>
>> wrote:
>>
>>> On 10/4/24 19:30, Paul Wouters wrote:
>>> > Which makes me wonder if it makes sense to advise long TTLs on these
>>> > records so that they move along on your phone/laptop even if you enter
>>> > these kinds of networks.
>>>
>>> There's a tension between that and getting better forward-secrecy
>>> by rotating ECH keys regularly. I don't think we're yet at a point
>>> where we'd have something that useful to recommend in terms of
>>> resolving that tension. (And that's ignoring the tension between
>>> wanting, and disliking, ECH;-)
>>>
>>
>> This is explicitly prohibited by rfc9460 as it would provide linkability.
>> See rfc9460 section 12: "Clients MUST ensure that their DNS cache is
>> partitioned for each local network, or flushed on network changes, to
>> prevent a local adversary in one network from implanting a forged DNS
>> record that allows them to track users or hinder their connections after
>> they leave that network."
>>
>
> Not if the ECH record is DNSSEC signed.
>

Except that no browser client does DNSSEC validation and there is no
realistic prospect of that changing.

-Ekr
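The RFC 9460 section 12 requirement quoted in the thread (a client DNS cache partitioned per local network, or flushed on network change) as an added example in Python; this is not code from the thread, from any browser, or from any resolver. It puts a shared TTL-only cache next to a partitioned one and shows why the "long TTL so the record travels with the user" idea is exactly what lets a forged HTTPS record planted on one network follow the user to the next. The network labels ("cafe-wifi", "home-lan"), the record names, the ECHConfig bytes and the TTLs are constructed for illustration; a real client would derive the network identity from something like the active interface, gateway and DHCP server, which is an assumption here and not specified by the RFC.

```python
"""Added example (not from the thread): per-network partitioned DNS cache
vs. a shared TTL-only cache, per the RFC 9460 section 12 requirement.
All names, network ids, ECHConfig bytes and TTLs are constructed."""

import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple


@dataclass(frozen=True)
class HttpsRecord:
    """Minimal stand-in for an HTTPS (SVCB) RR: target, ECHConfig bytes, TTL."""
    target: str
    ech_config: bytes
    ttl: int


class SharedDnsCache:
    """TTL-only cache: one table no matter which network the client is on.
    Records learned on a hostile network are served everywhere until they
    expire; a long TTL makes the problem worse, not better."""

    def __init__(self, clock: Callable[[], float] = time.monotonic):
        self._clock = clock
        self._entries: Dict[str, Tuple[HttpsRecord, float]] = {}

    def set_network(self, network_id: str) -> None:
        pass  # network changes are invisible to a shared cache

    def put(self, name: str, record: HttpsRecord) -> None:
        self._entries[name] = (record, self._clock() + record.ttl)

    def get(self, name: str) -> Optional[HttpsRecord]:
        hit = self._entries.get(name)
        if hit is None:
            return None
        record, expiry = hit
        if self._clock() >= expiry:
            del self._entries[name]
            return None
        return record


class PartitionedDnsCache:
    """Cache keyed by (network id, name), as RFC 9460 s12 requires.
    With flush_on_change=True it implements the alternative the RFC allows:
    drop everything whenever the network identity changes."""

    def __init__(self, clock: Callable[[], float] = time.monotonic,
                 flush_on_change: bool = False):
        self._clock = clock
        self._flush_on_change = flush_on_change
        self._partitions: Dict[str, SharedDnsCache] = {}
        self._current: Optional[str] = None

    def set_network(self, network_id: str) -> None:
        # network_id is assumed to be derived by the OS from the attached
        # network (interface, gateway, DHCP server, ...); a string label here.
        if self._flush_on_change and network_id != self._current:
            self._partitions.clear()
        self._current = network_id

    def put(self, name: str, record: HttpsRecord) -> None:
        assert self._current is not None, "no network attached"
        part = self._partitions.setdefault(self._current, SharedDnsCache(self._clock))
        part.put(name, record)

    def get(self, name: str) -> Optional[HttpsRecord]:
        part = self._partitions.get(self._current or "")
        return part.get(name) if part is not None else None


class FakeClock:
    """Deterministic clock so TTL behaviour can be checked offline."""

    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


# Constructed: a forged HTTPS record with a week-long TTL that a local
# adversary on the cafe network plants for svc.example.com.
FORGED = HttpsRecord("tracker.example.net.", b"\x00\x01attacker-ech", ttl=7 * 24 * 3600)
NAME = "svc.example.com."


def resolve_after_roaming(cache, clock: FakeClock) -> Optional[HttpsRecord]:
    """Plant the forged record on cafe Wi-Fi, move to the home LAN an hour
    later, and return what the client would now use for svc.example.com."""
    cache.set_network("cafe-wifi")
    cache.put(NAME, FORGED)
    clock.advance(3600)
    cache.set_network("home-lan")
    return cache.get(NAME)


if __name__ == "__main__":
    clock = FakeClock()
    print("shared cache after roaming:     ", resolve_after_roaming(SharedDnsCache(clock), clock))
    clock = FakeClock()
    print("partitioned cache after roaming:", resolve_after_roaming(PartitionedDnsCache(clock), clock))
```

The partitioned cache still serves the forged record if the client returns to the cafe network within its TTL, which the RFC accepts: that adversary already controls DNS on that network. What the partition prevents is the record being used, and the user being tracked by it, on any other network.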
_______________________________________________
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email to dnsop-le...@ietf.org