Mr Carpenter and Mr Bryant, Firstly, Mr. Carpenter, having obtained the video, I was most pleased to re-listen to your informative history of how the IETF had failed a bit, but also engaged in the security problem. Of course, you quoted and summarised relevant IAB and IEFT work and publications. As for Mr. Bryant, he is free to opine as he wishes. I fail to see how asking for a video reference has anything to do with his assertions about encouraging or discouraging different persons on "security matters". I asked a polite, well referenced question for public information. Mr. Bryant has no idea what I think about security matters as I am using a pseudonym. I did participate in DPRIVE, a most important topic area. I remain somewhat unhappy about the DNS over HTTPS solution, as that impacts network administrators ability to secure their networks with products like RPZ, or they block port 443, which is a non-starter. Nonetheless, I can see validity in the DNS over HTTPS approach for some clients, particularly in adversarial networks. So, Mr. Byrant, if you'd like to engage in a discussion, here is my offer. What is your analysis of the DNS over HTTPS solution? I conclude by acknowledging Mr. Carpenter's wisdom in encouraging constructive dialogue. Regards, YesXorNo Sent with ProtonMail secure email. ------- Original Message ------- On Friday, April 8th, 2022 at 8:43 PM, Brian E Carpenter <brian.e.carpenter@xxxxxxxxx> wrote: > On 09-Apr-22 08:08, Stewart Bryant wrote: > > > > On 7 Apr 2022, at 17:16, yesxorno <yesxorno=40protonmail.ch@xxxxxxxxxxxxxx mailto:yesxorno=40protonmail.ch@xxxxxxxxxxxxxx> wrote: > > > > > > Others have asked who I am. This is not terribly relevant, > > > > Hm. As the world stands at the moment there are those that I, and I am sure many others, would actively help on network security matters and those that most would think should be actively obstructed. > > > Outside the IETF context, I agree. But I think the IETF process needs to be strictly neutral, which it seems to me is the position established by RFC7258 anyway (plus RFC1984 and RFC2804). That neutrality doesn't constrain any individual's actions. > > Brian
