---- LE BIKLAB - SOCIAL FABLAB& INTERNET GOVERNANCE ALS EURALO/LACRALO -AT-LARGE STRUCTURE .gp FELLOW ICANN61 - ICANN65 -GNSO IRT EPDP MEMBER CPWG AT LARGE POLICY [ ARIN FELLOW 2019 |  |
 |  |
À: "Olawale Bakare" <wales.baky@gmail.com>, "Hadia Abdelsalam Mokhtar EL miniawi" <Hadia@tra.gov.eg>, "Joan katambi" <joanhopek@gmail.com>
Cc: "Discussion for At-Large Europe" <euro-discuss@atlarge-lists.icann.org>, alac-sc-outreach@atlarge-lists.icann.org
Envoyé: Dimanche 27 Septembre 2020 03:55:23
Objet: Re: [EURO-Discuss] [Alac-sc-outreach] Report IETF 108 meeting
Dear Wale, Hadia and Joan, Thank you for your reply ;-)!
Classic DNS is processed unencrypted via port 53, end devices are assigned an IP address of a DNS resolver via DHCP, which is then used centrally by the entire operating system. However, such a process has not yet been standardized for protocols such as DoH. In addition, with DoH, applications can now use other DNS resolvers simply and in a standardized manner than the classic resolver defined in the system e.g. via browser.
The current situation means that manufacturers have been going different ways to still be able to assign DoH resolvers. Google tries to upgrade an existing DNS resolver on DoH servers in Chrome and maintains a corresponding list. Microsoft also wants to proceed in a similar way for Windows. Mozilla uses a standard DoH server in Firefox for the US.
With a standard, however, the assignment and use could be standardized and the DNS assignment could then also be automated relatively easily. Various ideas have now been discussed during the meeting. One suggestion provides for a separate protocol for finding appropriate resolvers (https://tools.ietf.org/html/draft-mglt-add-rdp-02). For this purpose, a list of these could be kept and queried, similar to how this already works with classic DNS.
Another one is to use the DNS records directly and to store the resolver addresses there. For this purpose, so-called designated DNS resolvers are to be used, which are only responsible for certain domains (https://tools.ietf.org/html/draft-pauly-add-resolver-discovery-01).
Another one is that every website simply specifies its preferred server in an HTTP header, which should then be used by clients proposed by Google and Cloudflare(https://tools.ietf.org/html/draft-schinazi-httpbis-doh-preference-hints-02).
Finally, another one is based on Enrollment over Secure Transport (https://tools.ietf.org/html/rfc7030) to roll out your own certificates to clients in the network (https://tools.ietf.org/html/draft-reddy-add-iot-byod-bootstrap-00).
Have a great day!
Best,
Matthias
_________________________
Ing. Mag. Matthias M. Hudobnik
Von: Olawale Bakare [mailto:wales.baky@gmail.com]
Gesendet: Donnerstag, 24. September 2020 14:17
An: Hadia Abdelsalam Mokhtar EL miniawi
Cc: Matthias M. Hudobnik; euro-discuss@atlarge-lists.icann.org; alac-sc-outreach@atlarge-lists.icann.org
Betreff: Re: [EURO-Discuss] [Alac-sc-outreach] Report IETF 108 meeting
There are a number of factors to consider for DoH and DoT, bearing in mind the two different ports they operate. One major factor the IETF's Adaptive DNS Discovery WG may watch out for, as it evolves is the CDN (Content Delivery Network). It has gained so much attention because the majority of web traffic is served through CDNs.
Regards,
Wale
On Thu, Sep 24, 2020 at 12:06 PM Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> wrote:
Interesting to know what they reached with regard to encrypted DoH and DoT
Hadia
-----Original Message-----
From: Hadia Abdelsalam Mokhtar EL miniawi
Sent: Wednesday, September 23, 2020 3:28 PM
To: 'Matthias M. Hudobnik'; euro-discuss@atlarge-lists.icann.org; alac-sc-outreach@atlarge-lists.icann.org
Subject: RE: [Alac-sc-outreach] Report IETF 108 meeting
Thanks Mathias
Hadia
-----Original Message-----
From: Alac-sc-outreach [mailto:alac-sc-outreach-bounces@atlarge-lists.icann.org] On Behalf Of Matthias M. Hudobnik
Sent: Tuesday, September 22, 2020 10:43 PM
To: euro-discuss@atlarge-lists.icann.org; alac-sc-outreach@atlarge-lists.icann.org
Subject: [Alac-sc-outreach] Report IETF 108 meeting
Dear all,
Enclosed a very brief report about my experience in the IETF 108 meeting if anyone is interested to read it?
I can highly recommend to check out this forum even if it is very technical - it helps to get the bigger picture of the Internet ecosystem ;-)!
Have a nice evening!
Kindest regards,
Matthias
_________________________
Ing. Mag. Matthias M. Hudobnik
matthias@hudobnik.at
http://www.hudobnik.at
_______________________________________________
EURO-Discuss mailing list
EURO-Discuss@atlarge-lists.icann.org
https://atlarge-lists.icann.org/mailman/listinfo/euro-discuss
Homepage for the region: http://www.euralo.org
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________
EURO-Discuss mailing list
EURO-Discuss@atlarge-lists.icann.org
https://atlarge-lists.icann.org/mailman/listinfo/euro-discuss
Homepage for the region: http://www.euralo.org
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.