- From: Patrick McManus <pmcmanus@mozilla.com>
- Date: Mon, 9 Jul 2018 23:06:26 -0400
- To: Ted Lemon <mellon@fugue.com>
- Cc: Patrick McManus <pmcmanus@mozilla.com>, Ben Schwartz <bemasc@google.com>, Daniel Kahn Gillmor <dkg@aclu.org>, DoH WG <doh@ietf.org>, HTTP Working Group <ietf-http-wg@w3.org>, dnsop <dnsop@ietf.org>, driu@ietf.org
- Message-ID: <CAOdDvNrh-NyhgS_emW_JWeJznJ6NkGCSrKNF5NyaAJaMULBfeQ@mail.gmail.com>
this is essentially a bar bof - though lacking in a bar and I'm fond of more professional terms so I call it a side meeting. It has no standing. If you're interested then please come, if you're not or are conflicted then you're missing anything process wise. Someday it might graduate to becoming a bof - but I would never put a bof forward that didn't have a proposal I was comfortable with. This is indeed a side meeting for anyone interested to see if there is a shared vision for what such a proposal might look like. Its not in scope for any wg as there isn't a proposal. Its quite possible that it might have multiple outcomes which are in scope for multiple application groups; I've tried to cc the likely suspects here. But that is presupposing outcomes. -P On Mon, Jul 9, 2018 at 10:55 PM, Ted Lemon <mellon@fugue.com> wrote: > This sounds an awful lot like an unapproved bof. The reason we don’t do > those is that they tend to make it hard for people to participate. Why > isn’t this in scope for dnsop? > > On Mon, Jul 9, 2018 at 10:49 PM Patrick McManus <pmcmanus@mozilla.com> > wrote: > >> Hi All, >> >> I am organizing an ad-hoc Side Meeting regarding 'Resolverless DNS' in >> Montreal. >> >> We have often talked about the benefits and concerns of DNS information >> obtained from sources that are, shall we say, less globally trusted than a >> recursive a resolver. The central use case is DoH when pushed from an >> endpoint that isn't a recursive resolver but there have been other >> proposals. >> >> For example www.example.com pushes you a AAAA record for img1.example.com. >> Should you use it? What if it is for img1.img-example.com ? Do the >> relationship between these domains matter? What kind of relationship (i.e. >> it could be a domain relationship, or in the context of a browser it might >> be a first-party tab like relationship, etc..)? What are the implications >> of poison? Trackers? Privacy of requests never made? Speed? Competitive >> shenanigans or DoS attacks? >> >> This was out of scope for DoH. >> >> *We'll do the meeting over 1 hour in the Dorchester room from 16:30 to >> 17:30 on Monday July 16th.* >> >> This is a meeting of interested folks looking to see if we can agree on >> next steps - we're not going to work out the details (nor should a side >> meeting try and do so). so we'll have a tight agenda that I suggest >> organizaing as follows: >> >> 1] What forms of transport could be in scope? HTTP/2 push is one such >> vector, but I've heard others. Spray paint for example. >> >> 2] What needs to be considered when using such data? (signatures? scope? >> etc?) >> >> 3] Who are the stakeholders for 1 + 2? >> >> 4] Is there enough interest to explore further? Next steps as output >> >> I hope you can come! >> >> -Patrick >> >> _______________________________________________ >> DRIU mailing list >> DRIU@ietf.org >> https://www.ietf.org/mailman/listinfo/driu >> >
Received on Tuesday, 10 July 2018 03:06:57 UTC