|
Mark, I'll stop after this message. Please see below: On 9/21/17 1:41 PM, Mark Nottingham
wrote:
On 21 Sep 2017, at 7:28 pm, Eliot Lear <lear@xxxxxxxxx> wrote:You still don't have a reasonable answer for discovery.Discovery isn't necessary for the primary use case -- user-driven configuration of their browser. Earlier you wrote: The use case that I believe most have in mind is "as a user, I want to configure my [browser, OS] to use *this* DOH service for DNS resolution" -- where that configuration is manual; e.g., a configuration textbox or dropdown in the browser, or a file in /etc.
Please get your story straight. Bypassing enterprise DNS entails
all the risks I previously mentioned. No one here as mentioned a
means to mitigate those risks. The only way I can think of is by
tying this function into the OS and using the existing discovery
mechanisms. But if all you've got as a browser, everything looks
like _javascript_, I suppose. Eliot |
Attachment:
signature.asc
Description: OpenPGP digital signature