[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

This DNS over HTTP thing

Subject: This DNS over HTTP thing
From: jra at baylink.com (Jay R. Ashworth)
Date: Tue, 1 Oct 2019 19:18:29 +0000 (UTC)
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

----- Original Message -----
> From: "Stephane Bortzmeyer" <bortzmeyer at nic.fr>

> On Mon, Sep 30, 2019 at 11:56:33PM -0400,
> Brandon Martin <lists.nanog at monmotha.net> wrote
> a message of 10 lines which said:
> 
>> It's use-application-dns.net.  NXDOMAIN it, and Mozilla (at least)
>> will go back to using your local DNS server list as per usual.
> 
> Unless, I hope, the user explicitely overrides this. (Because this
> canary domain contradicts DoH's goals, by allowing the very party you
> don't trust to remotely disable security.)

Security?

This is thought to be about security?

Didn't we already *fix* DNS SECurity?

No, I tend to buy the "Alphabet looking over your shoulder" argument
a lot more than 'security', here, so far.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274

Follow-Ups:
- This DNS over HTTP thing
  - From: mike at mtcc.com (Michael Thomas)
- This DNS over HTTP thing
  - From: drc at virtualized.org (David Conrad)

References:
- This DNS over HTTP thing
  - From: jra at baylink.com (Jay R. Ashworth)
- This DNS over HTTP thing
  - From: lists.nanog at monmotha.net (Brandon Martin)
- This DNS over HTTP thing
  - From: bortzmeyer at nic.fr (Stephane Bortzmeyer)

Prev by Date: This DNS over HTTP thing
Next by Date: Clueful netops/sysops persons at Canon
Previous by thread: This DNS over HTTP thing
Next by thread: This DNS over HTTP thing
Index(es):
- Date
- Thread