%% You should probably cite draft-ietf-dprive-unilateral-probing instead of this I-D.
@techreport{dkgjsal-dprive-unilateral-probing-00,
    number =    {draft-dkgjsal-dprive-unilateral-probing-00},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-dkgjsal-dprive-unilateral-probing/00/},
    author =    {Daniel Kahn Gillmor and Joey Salazar},
    title =     {{Unilateral Opportunistic Deployment of Encrypted Recursive-to-Authoritative DNS}},
    pagetotal = 20,
    year =      2021,
    month =     nov,
    day =       18,
    abstract =  {This draft sets out steps that DNS servers (recursive resolvers and authoritative servers) can take unilaterally (without any coordination with other peers) to defend DNS query privacy against a passive network monitor. The steps in this draft can be defeated by an active attacker, but should be simpler and less risky to deploy than more powerful defenses. The draft also introduces (but does not try to specify) the semantics of signalling that would permit defense against an active attacker. The goal of this draft is to simplify and speed deployment of opportunistic encrypted transport in the recursive-to-authoritative hop of the DNS ecosystem. With wider easy deployment of the underlying transport on an opportunistic basis, we hope to facilitate the future specification of stronger cryptographic protections against more powerful attacks.},
}