nanog mailing list archives
Re: This DNS over HTTP thing
From: "Jay R. Ashworth" <jra () baylink com>
Date: Tue, 1 Oct 2019 19:18:29 +0000 (UTC)
----- Original Message -----
From: "Stephane Bortzmeyer" <bortzmeyer () nic fr>
On Mon, Sep 30, 2019 at 11:56:33PM -0400, Brandon Martin <lists.nanog () monmotha net> wrote a message of 10 lines which said:It's use-application-dns.net. NXDOMAIN it, and Mozilla (at least) will go back to using your local DNS server list as per usual.Unless, I hope, the user explicitely overrides this. (Because this canary domain contradicts DoH's goals, by allowing the very party you don't trust to remotely disable security.)
Security? This is thought to be about security? Didn't we already *fix* DNS SECurity? No, I tend to buy the "Alphabet looking over your shoulder" argument a lot more than 'security', here, so far. Cheers, -- jra -- Jay R. Ashworth Baylink jra () baylink com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
Current thread:
- Re: This DNS over HTTP thing, (continued)
- Re: This DNS over HTTP thing Matt Corallo (Oct 01)
- Re: This DNS over HTTP thing Jay R. Ashworth (Oct 01)
- Re: This DNS over HTTP thing Jeroen Massar (Oct 01)
- Re: This DNS over HTTP thing Damian Menscher via NANOG (Oct 01)
- Re: This DNS over HTTP thing Jeroen Massar (Oct 01)
- Re: This DNS over HTTP thing Damian Menscher via NANOG (Oct 01)
- Re: This DNS over HTTP thing Niels Bakker (Oct 02)
- Re: This DNS over HTTP thing Tom Ivar Helbekkmo via NANOG (Oct 02)
- RE: This DNS over HTTP thing Keith Medcalf (Oct 02)
- Re: This DNS over HTTP thing Michael Thomas (Oct 01)
- Re: This DNS over HTTP thing David Conrad (Oct 01)
- RE: This DNS over HTTP thing Keith Medcalf (Oct 02)
- Re: This DNS over HTTP thing Valdis Klētnieks (Oct 02)
- Re: This DNS over HTTP thing Matt Palmer (Oct 02)
- Re: This DNS over HTTP thing Jan Philippi (Oct 02)