[getdns-api] STARTTLS in GetDNS
jad at sinodun.com
Tue Jul 1 06:48:33 MST 2014
We chatted about this briefly at ICANN and you asked me to remind you with an email.
draft-hzhwm-start-tls-for-dns-00 defines a starttls encryption method for DNS. I consider it to be hop by hop opportunistic encryption. According to my brief reading of draft-hoffman-uta-opportunistic-tls-00, opportunistic means "An application supports opportunistic encryption using TLS if the application attempts to perform TLS negotiation without the user who is running the application knowing whether or not TLS is in use."
So if I were to add STARTTLS to GetDNS, should it be done in the context or in an extension?