[dns-operations] Call for Papers: NDSS Workshop on DNS Privacy 2018
paul at redbarn.org
Tue Oct 10 13:35:33 UTC 2017
> How would you handle the case of DNS hajacking and poisoning? even worse
> if it happens at national level.
hijacking/poisoning could mean nxdomain substitution, name insertion,
rrset amendment/replacement, or policy based response modification for
defense purposes. the first three fall under the dnssec umbrella, so the
ietf probably does not intend to re-litigate, re-analyze, or re-solve
those matters in dprive-wg.
the fourth (policy based response for defense purposes) is in-scope, as
far as i'm concerned, since two knobs ("is it opt-in?" and "does it pass
dnssec-signed responses through unmodified?") are both bulwarks of basic
internet privacy, and should be discussed in the dprive-wg context.
More information about the dns-operations