On Sun, Oct 6, 2024 at 9:09 AM Paul Wouters <[email protected]> wrote:
> [kind of off-topic here, and also speaking as just an individual]
>
> On Fri, Oct 4, 2024 at 3:28 PM Erik Nygren <[email protected]> wrote:
>
>> On Fri, Oct 4, 2024 at 3:20 PM Stephen Farrell <[email protected]>
>> wrote:
>>
>>> On 10/4/24 19:30, Paul Wouters wrote:
>>> > Which makes me wonder if it makes sense to advise long TTLs on these
>>> > records so that they move along on your phone/laptop even if you enter
>>> > these kinds of networks.
>>>
>>> There's a tension between that and getting better forward-secrecy
>>> by rotating ECH keys regularly. I don't think we're yet at a point
>>> where we'd have something that useful to recommend in terms of
>>> resolving that tension. (And that's ignoring the tension between
>>> wanting, and disliking, ECH;-)
>>>
>>
>> This is explicitly prohibited by rfc9460 as it would provide linkability.
>> See rfc9460 section 12: "Clients MUST ensure that their DNS cache is
>> partitioned for each local network, or flushed on network changes, to
>> prevent a local adversary in one network from implanting a forged DNS
>> record that allows them to track users or hinder their connections after
>> they leave that network."
>>
>
> Not if the ECH record is DNSSEC signed.
>

Except that no browser client does DNSSEC validation and there is no
realistic prospect of that changing.

-Ekr
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
