tirumal reddy <[email protected]> wrote: >> Except in some very niche digital signage and kiosk use, I don't think >> a MUD file would be appropriate for a general-purpose browser. >>
> I quoted Firefox as an example, the proposed mechanism of using SUDN to
> discover the ISP encrypted DNS resolver is generic and not specific to
> browsers.
> If the endpoint cannot discover the local encrypted DNS
> server (hosted on the CPE) using DHCP/RA, the endpoint will fallback to
> using SUDN to discover the one hosted by the ISP.
Yeah, but, we really don't want this.
Way better, in my opinion, for privacy,security (MUD), and device ownership
if the IoT device sticks with Do53 on the LAN, rather than encrypted DNS to the
ISP.
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
