[dns-operations] A dns-proxy for DNS over HTTP(s)

Mark Delany x2t at foxtrot.emu.st
Thu Aug 27 03:46:14 UTC 2015


On 26Aug15, Paul Vixie allegedly wrote:

> i am specifically not advocating DNS-over-HTTP as anything other
> than a DNS VPN meant to get clean DNS signal inside hotel rooms and
> coffee shops who tamper with UDP/53.

Gotcha. Our goals differ then.

My point is that DNS-over-TCP/HTTP is viable at Internet scale with
network latency characteristics similar to UDP with security
characteristics of TCP.

The cost is of course server state, but my earlier post is trying to
suggest that managing large amounts of TCP server state is tractable
for the traffic profile of a large auth server.


Mark.



More information about the dns-operations mailing list