draft-ietf-dprive-dns-over-tls-06.txt   draft-ietf-dprive-dns-over-tls-07.txt 
Network Working Group Z. Hu Network Working Group Z. Hu
Internet-Draft L. Zhu Internet-Draft L. Zhu
Intended status: Standards Track J. Heidemann Intended status: Standards Track J. Heidemann
Expires: August 25, 2016 USC/Information Sciences Expires: September 2, 2016 USC/Information Sciences
Institute Institute
A. Mankin A. Mankin
D. Wessels D. Wessels
Verisign Labs Verisign Labs
P. Hoffman P. Hoffman
ICANN ICANN
February 22, 2016 March 1, 2016
Specification for DNS over TLS Specification for DNS over TLS
draft-ietf-dprive-dns-over-tls-06 draft-ietf-dprive-dns-over-tls-07
Abstract Abstract
This document describes the use of TLS to provide privacy for DNS. This document describes the use of TLS to provide privacy for DNS.
Encryption provided by TLS eliminates opportunities for eavesdropping Encryption provided by TLS eliminates opportunities for eavesdropping
and on-path tampering with DNS queries in the network, such as and on-path tampering with DNS queries in the network, such as
discussed in [RFC7258]. In addition, this document specifies two discussed in [RFC7258]. In addition, this document specifies two
usage profiles for DNS-over-TLS and provides advice on performance usage profiles for DNS-over-TLS and provides advice on performance
considerations to minimize overhead from using TCP and TLS with DNS. considerations to minimize overhead from using TCP and TLS with DNS.
skipping to change at page 2, line 7 skipping to change at page 2, line 8
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 25, 2016. This Internet-Draft will expire on September 2, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 14, line 23 skipping to change at page 14, line 23
The below individuals contributed significantly to the draft. The The below individuals contributed significantly to the draft. The
RFC Editor prefers a maximum of 5 names on the front page, and so we RFC Editor prefers a maximum of 5 names on the front page, and so we
have listed additional authors in this section. have listed additional authors in this section.
Sara Dickinson Sara Dickinson
Sinodun Internet Technologies Sinodun Internet Technologies
Magdalen Centre Magdalen Centre
Oxford Science Park Oxford Science Park
Oxford OX4 4GA Oxford OX4 4GA
UK United Kingdom
Email: sara@sinodun.com Email: sara@sinodun.com
URI: http://sinodun.com URI: http://sinodun.com
Daniel Kahn Gillmor Daniel Kahn Gillmor
ACLU ACLU
125 Broad Street, 18th Floor 125 Broad Street, 18th Floor
New York, NY 10004 New York, NY 10004
USA United States
11. Acknowledgments 11. Acknowledgments
The authors would like to thank Stephane Bortzmeyer, John Dickinson, The authors would like to thank Stephane Bortzmeyer, John Dickinson,
Brian Haberman, Christian Huitema, Shumon Huque, Kim-Minh Kaplan, Brian Haberman, Christian Huitema, Shumon Huque, Kim-Minh Kaplan,
Simon Joseffson, Simon Kelley, Warren Kumari, John Levine, Ilari Simon Joseffson, Simon Kelley, Warren Kumari, John Levine, Ilari
Liusvaara, Bill Manning, George Michaelson, Eric Osterweil, Jinmei Liusvaara, Bill Manning, George Michaelson, Eric Osterweil, Jinmei
Tatuya, Tim Wicinski, and Glen Wiley for reviewing this Internet- Tatuya, Tim Wicinski, and Glen Wiley for reviewing this Internet-
draft. They also thank Nikita Somaiya for early work on this idea. draft. They also thank Nikita Somaiya for early work on this idea.
skipping to change at page 19, line 27 skipping to change at page 19, line 27
If none of the SPKIs in the cryptographically-valid chain of certs If none of the SPKIs in the cryptographically-valid chain of certs
match any pin in the pinset, the client closes the connection with an match any pin in the pinset, the client closes the connection with an
error, and marks the IP address as failed. error, and marks the IP address as failed.
Authors' Addresses Authors' Addresses
Zi Hu Zi Hu
USC/Information Sciences Institute USC/Information Sciences Institute
4676 Admiralty Way, Suite 1133 4676 Admiralty Way, Suite 1133
Marina del Rey, CA 90292 Marina del Rey, CA 90292
USA United States
Phone: +1 213 587-1057 Phone: +1 213 587 1057
Email: zihu@usc.edu Email: zihu@usc.edu
Liang Zhu Liang Zhu
USC/Information Sciences Institute USC/Information Sciences Institute
4676 Admiralty Way, Suite 1133 4676 Admiralty Way, Suite 1133
Marina del Rey, CA 90292 Marina del Rey, CA 90292
USA United States
Phone: +1 310 448-8323 Phone: +1 310 448 8323
Email: liangzhu@usc.edu Email: liangzhu@usc.edu
John Heidemann John Heidemann
USC/Information Sciences Institute USC/Information Sciences Institute
4676 Admiralty Way, Suite 1001 4676 Admiralty Way, Suite 1001
Marina del Rey, CA 90292 Marina del Rey, CA 90292
USA United States
Phone: +1 310 822-1511 Phone: +1 310 822 1511
Email: johnh@isi.edu Email: johnh@isi.edu
Allison Mankin Allison Mankin
Verisign Labs
12061 Bluemont Way
Reston, VA 20190
Phone: +1 703 948-3200 Phone: +1 301 728 7198
Email: amankin@verisign.com Email: Allison.mankin@gmail.com
Duane Wessels Duane Wessels
Verisign Labs Verisign Labs
12061 Bluemont Way 12061 Bluemont Way
Reston, VA 20190 Reston, VA 20190
United States
Phone: +1 703 948-3200 Phone: +1 703 948 3200
Email: dwessels@verisign.com Email: dwessels@verisign.com
Paul Hoffman Paul Hoffman
ICANN ICANN
Email: paul.hoffman@icann.org Email: paul.hoffman@icann.org
 End of changes. 17 change blocks. 
18 lines changed or deleted 17 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/