Thanks. This addresses my comment. Joe
From: mohamed.boucadair@xxxxxxxxxx <mohamed.boucadair@xxxxxxxxxx> Re-, I’m not that comfortable with adding a reco for clients, but let’s try the following: If a client learns both encrypted and unencrypted DNS resolvers from the same network, and absent explicit configuration otherwise, it is RECOMMENDED that the client uses the encrypted DNS resolvers for that network. Cheers, Med De : Joe Clarke (jclarke) <jclarke@xxxxxxxxx>
Hey, Med. See below.
[JC] I get how this can be left up to the server and/or client. Still, with an operator hat on, it might be nice to see a RECOMMENDED blurb that when presented with both encrypted and unencrypted DNS options, a client SHOULD choose the encrypted DNS.
[JC] It was this that prompted me to suggest the strong text. But I’m okay with not having it in both places.
Joe _________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
|
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call