tirumal reddy <[email protected]> wrote: > +1. The problem is not just with public resolvers but also with > designated resolvers. The IoT device supporting MUD must use the > encrypted DNS server discovered in the attached network.
Yes-ish. I don't think that we have to mandate use of encrypted DNS servers, as long as it's the ones on the attached network. My take is that it is better to use Do53 across the local LAN than public DoH server. If the IoT device can be convinced to use the local DoT server, great. But, your documents in ADD are clearly trying to get there, but we aren't there yet. I've been looking for a YANG module that would allow for explicit management of "/etc/resolv.conf" on a device. If there is one, I don't know where it would be. -- Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
