[dns-operations] DNS-over-TLS in public resolvers

Ralf Weber dns at fl1ger.de
Tue Mar 7 13:02:34 UTC 2017


On 6 Mar 2017, at 16:16, Paul Hoffman wrote:
> They were not "brushed aside": there was a second document that used 
> DTLS that is now RFC 8094. If you feel that it is superior for 
> large-scale use, it would be valuable to show evidence of that so that 
> implementors will know about it.
Isn't that still session based and thus requires more state then plain 
DNS over UDP? My concern, though not maybe voiced properly in my earlier 
email was on keeping state for users/clients, which is not easy for a 
couple of hundred thousands users, which is the current number of users 
served by one physical DNS recursive resolver easily.

So long

More information about the dns-operations mailing list