Reply to post: I'm confused

IETF plants privacy test inside DNS

Warm Braw Silver badge

I'm confused

Even after looking through the slides from the IETF talk.

DNS is just a directory service, designed (largely) to look up network addresses. Even if you completely secure the directory lookup, you reveal the network address (and hence the domain name you looked up) immediately you initiate any traffic based on the lookup. Admittedly, you reveal this initially only to your ISP, but your ISP is likely to be the principal culprit in pervasive monitoring.

Now, you may be able to reduce the amount of information that's leaked to intermediate and authoritative nameservers by concealing the origin of the lookup, but you can't do that if you use TLS end-to-end and in any case, that's probably the least of your problems.

What bit did I miss?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022