Re: [Doh] WG Review: DNS Over HTTPS (doh)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Warren Kumari <warren@xxxxxxxxxx>, Tony Finch <dot@xxxxxxxx>
Subject: Re: [Doh] WG Review: DNS Over HTTPS (doh)
From: Eliot Lear <lear@xxxxxxxxx>
Date: Fri, 22 Sep 2017 19:23:27 +0200
Cc: Ted Hardie <ted.ietf@xxxxxxxxx>, doh@xxxxxxxx, IETF <ietf@xxxxxxxx>
In-reply-to: <CAHw9_i+0AKRQnnUkagB1XqoiiNVvcYu5psaHPrqzCetbudEu0w@mail.gmail.com>
References: <150549029332.2975.12341647131707994474.idtracker@ietfa.amsl.com> <20170920151458.GA22670@faui40p.informatik.uni-erlangen.de> <eaadc24d-6150-2396-64b6-708266de1c69@nostrum.com> <c06bfd5a-743a-aa9f-68b4-4a60badc8bed@cisco.com> <a34c98e2-7129-1d1a-947b-20cafa236119@nostrum.com> <5e9cb711-d798-c6b9-d6c3-c7619bcbadd7@cisco.com> <2E3B3E8E-7C8D-4662-B5C8-D11C390EE5ED@mnot.net> <CA+9kkMBD3qntDXGa3tWpcGRUWN4g4ivbMWMZrWRP-BBeJFOWVQ@mail.gmail.com> <alpine.DEB.2.11.1709221301470.2486@grey.csi.cam.ac.uk> <CAHw9_i+0AKRQnnUkagB1XqoiiNVvcYu5psaHPrqzCetbudEu0w@mail.gmail.com>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.3.0

Hi Warren,

Just a point of information:

On 9/22/17 6:24 PM, Warren Kumari wrote:
> Unfortunately you cannot separate case 1 from case 2 -- if you make it
> something that enterprise folk can detect / block (on BYOD devices)
> then you have provided that facility to everyone.

Good guys generally have an existing security association with the
device (if a bad guy has a security association with the box, we call it
0wn3d).

Eliot

Attachment: signature.asc
Description: OpenPGP digital signature

Follow-Ups:
- Re: [Doh] WG Review: DNS Over HTTPS (doh)
  - From: Warren Kumari

References:
- Re: WG Review: DNS Over HTTPS (doh)
  - From: Toerless Eckert
- Re: WG Review: DNS Over HTTPS (doh)
  - From: Adam Roach
- Re: WG Review: DNS Over HTTPS (doh)
  - From: Eliot Lear
- Re: [Doh] WG Review: DNS Over HTTPS (doh)
  - From: Adam Roach
- Re: [Doh] WG Review: DNS Over HTTPS (doh)
  - From: Eliot Lear
- Re: [Doh] WG Review: DNS Over HTTPS (doh)
  - From: Mark Nottingham
- Re: [Doh] WG Review: DNS Over HTTPS (doh)
  - From: Ted Hardie
- Re: [Doh] WG Review: DNS Over HTTPS (doh)
  - From: Tony Finch
- Re: [Doh] WG Review: DNS Over HTTPS (doh)
  - From: Warren Kumari

Prev by Date: Re: RFC Series publishes first RFC with non-ASCII characters
Next by Date: Re: SECDIR review of draft-ietf-sfc-nsh-18
Previous by thread: Re: [Doh] WG Review: DNS Over HTTPS (doh)
Next by thread: Re: [Doh] WG Review: DNS Over HTTPS (doh)
Index(es):
- Date
- Thread

[Index of Archives] [IETF Annoucements] [IETF] [IP Storage] [Yosemite News] [Linux SCTP] [Linux Newbies] [Fedora Users]