On Thu, 2020-12-10 at 15:48 -0800, Brian Dickson wrote:
> >
> > Compared to DiS, registrar complexity is identical (because the
> > complexity is also hidden in the signer here); signer complexity is
> > potentially lower. The only real complexity change vs. DiS is in the
> > auths, that now need
"John Levine" writes:
> They think DoH is swell, but not when it bypasses security controls
> and leaks info to random outside people
At least 15% of network operators seem to agree.
https://www.isi.edu/~hardaker/news/20191120-canary-domain-measuring.html
--
Wes Hardaker
USC/ISI
On Thu, Jan 21, 2021 at 03:36:41PM -0800, Wes Hardaker wrote:
> "John Levine" writes:
>
> > They think DoH is swell, but not when it bypasses security controls
> > and leaks info to random outside people
>
> At least 15% of network operators seem to agree.
>
> https://www.isi.edu/~hardaker/news
> On Jan 21, 2021, at 8:59 PM, Paul Vixie wrote:
>
> On Thu, Jan 21, 2021 at 03:36:41PM -0800, Wes Hardaker wrote:
>> "John Levine" writes:
>>
>>> They think DoH is swell, but not when it bypasses security controls
>>> and leaks info to random outside people
>>
>> At least 15% of network op
On Thu, Jan 21, 2021 at 3:45 AM Peter van Dijk
wrote:
> On Thu, 2020-12-10 at 15:48 -0800, Brian Dickson wrote:
> > >
> > > Compared to DiS, registrar complexity is identical (because the
> > > complexity is also hidden in the signer here); signer complexity is
> > > potentially lower. The only r
On Thu, Jan 21, 2021 at 09:10:25PM -0500, Tom Pusateri wrote:
>
> > On Jan 21, 2021, at 8:59 PM, Paul Vixie wrote:
> >
> > (new behaviour should require new signalling. let networks who want to
> > permit DNS bypass either by "use 8.8.8.8" or "use DoH" or otherwise,
> > signal this by adding a n
