On Sat, Aug 11, 2018 at 11:40:54AM -0400, John R Levine wrote: > On Sat, 11 Aug 2018, Benjamin Kaduk wrote: > >> Is there a reason that the security threats of DOH over TCP would be > >> any diferent from existing DNS over TCP? > > > > Well, HTTPS pulls in the TLS crypto and its potential increased resource > > consumption, but in general TLS tries to avoid DoS opportunites where a > > client can make the server do lots of work without having first provided > > some indication that the client is "real". > > Well, OK. The obvious next question is whether DoH is different from any > other https client request. Having not read the draft recently, "I don't think so". -Ben
