Re: [DNSOP] [Ext] Breaking the logjam that is draft-ietf-dnsop-svcb-https

Moving the ECH/ESNI bits from draft-ietf-dnsop-svcb-https to draft-ietf-tls-esni seems to be the simplest option by far here. I strongly support that. David On Thu, Feb 23, 2023 at 10:38 AM Paul Hoffman wrote: > On Feb 23, 2023, at 10:14 AM, Benjamin Schwartz wrote: > > > > I'm OK with this, al

Re: [DNSOP] DNS Grease?

I think this draft is a great idea and I'd love to see it progress. GREASE did well in TLS and worked wonders in QUIC - it helped us catch multiple real production issues early on. That said, I do worry about the idea of using random unallocated values. Not all software gets updated, and no softwa

Re: [DNSOP] DNS Grease?

t; potentially avoid using it as grease, or to log something to the effect of > "FOO is now in the wild, maybe you need to update this resolver's > software?". > > This would allow for random grease rather than reserved grease, I think, > and would be more appropriate fo

Re: [DNSOP] DNS Grease?

the fact that it only takes work from one popular implementation to create herd immunity, even if all other implementers are lazy. I don't think it would have been viable otherwise. David On Wed, Apr 24, 2024 at 2:59 PM Brian Dickson wrote: > > > On Wed, Apr 24, 2024 at 2:28 PM

Re: [DNSOP] DNS HTTPS/SVCB record type support in iOS 14

Hi Tommy, Thanks for the announcement! It's really exciting to see this deployed in the wild. Clarification question: your email mentioned support for the HTTPS DNS query, but it didn't mention when iOS makes those queries. For example, do you query this record every single time you perform A/

Re: [DNSOP] [dnssd] Adoption call for draft-sekar-dns-ul-03 into DNSSD

[ DNSOP to BCC to limit cross-posting ] Speaking as an individual contributor, I have read the draft and support adoption in DNSSD. David On Wed, Aug 18, 2021 at 9:31 AM Chris Box wrote: > WG members, > > This email starts a call to adopt > https://datatracker.ietf.org/doc/html/draft-sekar-dns

Re: [DNSOP] [dnssd] Working Group Last Call - draft-ietf-dnsop-session-signal

Hi, (chair hat off) I've reviewed draft-ietf-dnsop-session-signal-04 and -05 and think -05 is ready to move forward. Draft -05 addresses the points I raised on -04 and in my opinion makes the document clearer. Thanks, David Schinazi > On Feb 1, 2018, at 11:14, tjw ietf wrote: >

Re: [DNSOP] [v6ops] [IANA #989438] ipv4only.arpa's delegation should be insecure.

Hi everyone, Stuart and I have a draft that attempts to address these issues, please let us know if you think it does or doesn't. https://tools.ietf.org/html/draft-cheshire-sudn-ipv4only-dot-arpa <https://tools.ietf.org/html/draft-cheshire-sudn-ipv4only-dot-arpa> Thanks, David Schi

Re: [DNSOP] [v6ops] [IANA #989438] ipv4only.arpa's delegation should be insecure.

Hi, responses inline. > On Tue, Jun 12, 2018 at 11:16 PM Mark Andrews > wrote: > > This does not meet my requirements. There is zero need for any part of the > normal DNS resolution > process to know the IPV4ONLY.ARPA is special if IANA stopped signing the zone. Could you

[DNSOP] Re: New draft regarding RFC7050

Hi, I read through this draft. It seems reasonable to me, thanks for writing it. I support this work moving forward. David On Mon, Sep 9, 2024 at 3:53 PM Nick Buraglio wrote: > dnsop folks, > > Based on some conversations and discussions at the end of the second > session at 120, several of us