DNS Server Selection: DNS Server Information with Assertion Token
draft-reddy-add-server-policy-selection-09
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Authors | Tirumaleswar Reddy.K , Dan Wing , Michael Richardson , Mohamed Boucadair | ||
Last updated | 2022-04-10 (Latest revision 2021-10-07) | ||
Replaces | draft-reddy-dprive-dprive-privacy-policy | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The document defines a mechanism that is meant to communicate DNS resolver information to DNS clients for use as a criteria for server selection decisions. Such an information that is cryptographically signed to attest its authenticity is used for the selection of DNS resolvers. Typically, evaluating the resolver information and the signatory, DNS clients with minimal or no human intervention can select the DNS servers for resolving domain names. This assertion is useful for encrypted DNS (e.g., DNS-over-TLS, DNS- over-HTTPS, or DNS-over-QUIC) servers that are either public resolvers or discovered in a local network.
Authors
Tirumaleswar Reddy.K
Dan Wing
Michael Richardson
Mohamed Boucadair
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)