This is a discussion on RE: dns & confidentiality? - DNS ; --On 04 June 2004 20:32 -0400 Danny Mayer wrote: >> I wonder how many of those that _do_ expect confidentiality actually need >> it. Or if anyone really MUST have confidentiality for IP address >> lookup. I guess there could ...
--On 04 June 2004 20:32 -0400 Danny Mayer
>> I wonder how many of those that _do_ expect confidentiality actually need
>> it. Or if anyone really MUST have confidentiality for IP address
>> lookup. I guess there could be some scenarios where it is desired, but
>> that also depends on what a user wants to keep confidential.
> The people who want confidentiality need to define EXACTLY what they mean
> by that, otherwise the working group will end up working towards yet
> goal that doesn't satisfy their perceived needs.
Indeed. Confidentiality is a nebulous word. That might include anything
up to an including:
* Ensuring noone with access to the wire between server and resolver
can infer anything about either the names resolved, or the results of
* Ditto with respect to those with the ability to snoop caching
* Requirements for clients themselves to authenticate before being
given confidential data
I think Paul dropped the confidentiality suggestion in as a possibility.
I don't think anyone has yet argued for it, and if they do, I think
it's a mostly orthogonal requirement to the enumerability problem
(certainly the above type of requirements are not something Nominet is
looking for to my knowledge).
to unsubscribe send a message to email@example.com with
the word 'unsubscribe' in a single line as the message text body.