Speaker
Mr
Stéphane Bortzmeyer
(AFNIC)
Description
At the IETF 88 meeting in Vancouver, the first one which took into account the Snowden revelations, there was a lot of enthusiasm on action to improve the privacy on the Internet http://www.ietf.org/blog/2013/11/strengthening-the-internet/. This was summarized in a press release http://www.ietf.org/media/2013-11-07-internet-privacy-and-security.html claiming that "all of the working groups that considered the topic have started planning to address the threat using IETF tools that can mitigate aspects of the problem". Now, what is actually done in the DNS field?
Summary
There are several actions already under way:
-
work on a future RFC on "DNS privacy problem statement". Two Internet-Drafts cover this. The work started in the perpass working group and will soon formally move to dnsop.
-
work on "QNAME minimization", a simple and deployable technique to minimize the amount of data sent to authoritative name servers.
-
work on encryption of DNS traffic. There are existing solutions (IPsec, DNScrypt) and possible new techniques (an Internet-Draft suggests a new method).
This talk will describe these actions, their current state after IETF 89 in London and the discussions they trigger.
Primary author
Mr
Stéphane Bortzmeyer
(AFNIC)
