This DNS over HTTP thing

• Previous message (by thread): This DNS over HTTP thing
• Next message (by thread): This DNS over HTTP thing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----- Original Message -----
> From: "Stephane Bortzmeyer" <bortzmeyer at nic.fr>

> On Mon, Sep 30, 2019 at 11:56:33PM -0400,
> Brandon Martin <lists.nanog at monmotha.net> wrote
> a message of 10 lines which said:
> 
>> It's use-application-dns.net.  NXDOMAIN it, and Mozilla (at least)
>> will go back to using your local DNS server list as per usual.
> 
> Unless, I hope, the user explicitely overrides this. (Because this
> canary domain contradicts DoH's goals, by allowing the very party you
> don't trust to remotely disable security.)

Security?

This is thought to be about security?

Didn't we already *fix* DNS SECurity?

No, I tend to buy the "Alphabet looking over your shoulder" argument
a lot more than 'security', here, so far.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274

• Previous message (by thread): This DNS over HTTP thing
• Next message (by thread): This DNS over HTTP thing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]