On Sun, Sep 29, 2024 at 7:34 PM Paul Wouters wrote:
> Hi,
>
> I have done my AD review of draft-ietf-tls-svcb-ech. Some history was well
> summarized by the Document
> Shepherd:
>
> Please note that the text in this I-D was initially developed in the DNSOP WG,
> went through IETF LC, and IESG rev
I've written up adjusted references based on Paul's recommendations [1]. (I
haven't deleted the reference to RFC 1034, as I believe it remains the
authoritative RFC on what DNS is all about.)
Regarding Section 3.1 of SVCB (RFC 9460) [2], we imagine the client uses DoT to
issue an SVCB qu
We could add a recommendation like "Clients using ECH SHOULD select a DNS
resolver that they trust to preserve the confidentiality of their queries and
return authentic answers, and communicate using an authenticated and
confidential transport", but this draft seems like an odd place for that te
Dear colleagues,
This message starts a Call for Adoption for "Greasing Protocol Extension Points
in the DNS" (see https://datatracker.ietf.org/doc/draft-huque-dnsop-grease/)
Meeting materials from discussion of this draft in our first meeting at IETF
119 (19 March 2024) are linked at
https://d
>An attacker who can prevent SVCB resolution can deny clients any
>associated security benefits. A hostile recursive resolver can
>always deny service to SVCB queries, but network intermediaries can
>often prevent resolution as well, even when the client and
>recursive resolver
Dear WG,
Call for Agenda Items – IETF 121, Dublin, Ireland
DNSOP has requested two sessions for IETF 121: one 1.5-hour session and
one 1-hour session. We anticipate having plenty of time to cover the
various drafts and topics. The schedule will be confirmed once the
preliminary IETF 121 age
Hiya,
On 9/30/24 19:47, Ben Schwartz wrote:
I support adoption. This is fine scaffolding on which to get
started.
I do think we're going to need some careful writing about which
greases can be applied in queries and responses, by stubs,
resolvers, auth servers, etc. We may also want to reser
> On 1 Oct 2024, at 04:36, Philip Homburg wrote:
>
>> This message starts a Call for Adoption for "Greasing Protocol
>> Extension Points in the DNS" (see
>> [1]https://datatracker.ietf.org/doc/draft-huque-dnsop-grease/)
>
> There is quite a bit I find confusing in this draft.
>
> For e
I would welcome adoption of this draft.
I think Grease should be a more widely applied concept. I don't personally
like how some fields are now marked ring-fenced as "always zero" and while
I have to be realistic we can't reverse course on this I think all
bitfields which are multivalued with rese
>This message starts a Call for Adoption for "Greasing Protocol
>Extension Points in the DNS" (see
>[1]https://datatracker.ietf.org/doc/draft-huque-dnsop-grease/)
There is quite a bit I find confusing in this draft.
For example, Table 1 shows that there are 16 opcodes. But if I send a requ
I don't see any reason why an enterprise, family, or personal filter would
filter SVCB responses based on the "ech" SvcParam described in this draft. The
SNI data concealed by ECH is just the SVCB and QNAME. Any DNS-modifying
entity that could implement RDATA-based response policies could
> We could add a recommendation like "Clients using ECH SHOULD select a DNS
resolver that they trust to preserve the confidentiality of their queries
and return authentic answers, and communicate using an authenticated and
confidential transport", but this draft seems like an odd place for that
tex
I support adoption. This is fine scaffolding on which to get started.
I do think we're going to need some careful writing about which greases can be
applied in queries and responses, by stubs, resolvers, auth servers, etc. We
may also want to reserve a subdomain of .arpa for injecting entire g
> I do not, however, think that we should have a SHOULD for using DNSSEC
as it would be more in the nature of a RFC 6919 "MUST (BUT WE KNOW YOU
WON'T)".
I agree
On Mon, Sep 30, 2024 at 6:43 AM Eric Rescorla wrote:
>
>
>
> On Sun, Sep 29, 2024 at 7:34 PM Paul Wouters 40aiven...@dmarc.ietf.org>
I support WG adoption of this draft. After adoption, we can start filling in
some of the holes, but the idea that is covered and the structure of the draft
seem fine.
--Paul Hoffman
___
DNSOP mailing list -- dnsop@ietf.org
To unsubscribe send an email
OK, done: https://github.com/tlswg/draft-ietf-tls-svcb-ech/pull/16
From: Salz, Rich
Sent: Monday, September 30, 2024 1:29 PM
To: Ben Schwartz; Eric Rescorla; Paul Wouters
Cc: draft-ietf-tls-svcb-ech.auth...@ietf.org; dnsop@ietf.org WG
Subject: Re: [TLS]
Suzanne Woolf writes:
> This message starts a Call for Adoption for "Greasing Protocol
> Extension Points in the DNS" (see
> https://datatracker.ietf.org/doc/draft-huque-dnsop-grease/)
Please adopt the draft as a wg doc.