This DNS over HTTP thing
Matt Palmer
mpalmer at hezmatt.org
Wed Oct 2 10:39:22 UTC 2019
On Wed, Oct 02, 2019 at 05:45:57AM -0400, Valdis Klētnieks wrote:
> On Wed, 02 Oct 2019 01:55:13 -0600, "Keith Medcalf" said:
> > It is a common fallacy that TLS connections are authenticated. The vast
> > majority of them are not authenticated in any meaningful fashion and all that
> > can be said about TLS is that it provides an encrypted connection between the
> > two communicating applications. This is perhaps why it is call *transport*
> > layer security ...
>
> Another major disconnect is that TLS validates the hostname that the browser
> decided to connect to, not the host you thought you were connecting to..
Sadly, the W3C is stonewalling on the WebMindReading API.
- Matt
More information about the NANOG
mailing list