Authoritative DNS-over-TLS Operational Considerations
draft-hal-adot-operational-considerations-02
| Document | Type | Expired Internet-Draft (candidate for dprive WG) | |
|---|---|---|---|
| Authors | Karl Henderson , Tim April , Jason Livingood | ||
| Last updated | 2020-02-14 (latest revision 2019-08-13) | ||
| Stream | IETF | ||
| Intended RFC status | (None) | ||
| Formats |
Expired & archived
pdf
htmlized (tools)
htmlized
bibtex
|
||
| Stream | WG state | Call For Adoption By WG Issued | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | Expired | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-hal-adot-operational-considerations-02.txt
Abstract
DNS over TLS (DoT) has been gaining attention, primarily as a means of communication between stub resolvers and recursive resolvers. There have also been discussions and experiments involving the use of DoT to communicate with authoritative nameservers (Authoritative DNS over TLS or "ADoT"), including communication between recursive and authoritative resolvers. However, we have identified a number of operational concerns with ADoT that have arisen as DNS operators have begun to experiment with and prepare for deploying DoT. These operational concerns need to be addressed prior to ADoT's deployment at scale by DNS operators in order to maintain the stability and resilience of the global DNS. The document also provides some suggested next steps to advance the operator community's understanding of ADoT's operational impact.
Authors
Karl Henderson
(khenderson@verisign.com)
Tim April
(ietf@tapril.net)
Jason Livingood
(Jason_Livingood@comcast.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)