[dns-operations] Call for Papers: NDSS Workshop on DNS Privacy 2018
Paul Vixie
paul at redbarn.org
Tue Oct 10 13:35:33 UTC 2017
风河 wrote:
> How would you handle the case of DNS hajacking and poisoning? even worse
> if it happens at national level.
hijacking/poisoning could mean nxdomain substitution, name insertion,
rrset amendment/replacement, or policy based response modification for
defense purposes. the first three fall under the dnssec umbrella, so the
ietf probably does not intend to re-litigate, re-analyze, or re-solve
those matters in dprive-wg.
the fourth (policy based response for defense purposes) is in-scope, as
far as i'm concerned, since two knobs ("is it opt-in?" and "does it pass
dnssec-signed responses through unmodified?") are both bulwarks of basic
internet privacy, and should be discussed in the dprive-wg context.
--
P Vixie
More information about the dns-operations
mailing list