With Resolverless DNS, and before that DNS over HTTPS, and soon HTTP/3 (QUIC), the web industry is making a very strong attempt to completely control the DNS metadata required for web browsers to reach web services. While there are some political aspects to this redrawing of the DNS resolution path, there are also security implications for operators of managed private networks which are not public, are not regulated, and have no "customers". These operators have reasons they consider important for keeping DNS resolution out of the hands of device, browser, and other app makers. In this presentation, Dr. Vixie will enumerate the DNS-related risks posed to operators of managed private networks by the increasing dominance of DNS-related web industry ambitions. Some proposals will be described regarding the costs and benefits of absolute insistence upon local network control over DNS resolution.
Why and how to keep RDNS service local in a world with Resolverless DNS, DNS over HTTPS, and QUIC in it.
Talk Duration: 30 Minutes (no longer available)