On Tue, Oct 13, 2020 at 5:12 PM Salz, Rich <rsalz=40akamai.com@xxxxxxxxxxxxxx> wrote:
Historically, the people who put in the work "win" (bad word).
Historically, the people who have the right connections win.
I proposed encrypting the client-resolver connection in DNS on multiple occasions for four years before the DPRIV BOF. Each time I was told, 'not interested, there is no need'.
Then suddenly people decided there was a need. A need so urgent that there had to be a solution in 12 months. So PHB's proposal which was designed to directly layer on UDP using a direct key exchange would take too long to complete. The solution (obviously) was to run the DNS protocol over TLS using the new TCP fast start to overcome the resulting latency issues. And of course this proposal was very popular with people who had worked on fast start because that would bring them rapid deployment because everyone wants DNS privacy.
Only they didn't. And now six years after the Honolulu BOF, I still can't actually use DPRIV to secure any of my systems because none of the platform or browsers providers support it or plan to do so.
And I am not the only person who keeps having this sort of thing happen. I am just the person who makes a point of continually reminding people of the failure in the hope the process might be different next time round. No it won't be. In fact it's happening again right now.
People here were mighty upset when we started W3C and then the W3C folk got upset when some of us turned OASIS into what it is now. I don't like the business model of those organizations but they did get the work done.
