On Tue, Jan 7, 2020 at 8:28 PM Rob Sayre <sayrer@xxxxxxxxx> wrote:
On Tue, Jan 7, 2020 at 8:15 PM Martin Thomson <mt@xxxxxxxxxxxxxx> wrote:But it is true that HTTP has grown a number (many) of similar features. You could - as this document strong implies - suggest that multitude of options makes it a risky proposition to use HTTP because of the surprising ways in which linkability manifests. Or, you could recognize that you need a framework from within which to simplify the analysis.Huh, is there actually a privacy bug in the DoH spec wrt privacy here?Couldn't servers give out unique URI templates?
DoH doesn't specify how the clients get the templates. At least for a Firefox-style TRR program, what you describe can't happen because there is a single fixed template.
-Ekr
_______________________________________________thanks,Rob
dns-privacy mailing list
dns-privacy@xxxxxxxx
https://www.ietf.org/mailman/listinfo/dns-privacy
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
