Upgrade to Pro — share decks privately, control downloads, hide ads and more …

A14_Future of DNS DoH / DoT_2

A14_Future of DNS DoH / DoT_2

54b2edd392fad51a4876ccf5b7dc65fe?s=128

JPAAWG_2nd_General_Meeting

November 15, 2019
Tweet

Transcript

  1. DoT/DoH from a security vendor perspective Matthew Stith (Spamhaus Technology)

  2. DoH Concerns from a Security Perspective • Potential centralization of

    DNS traffic • Potential massive decentralization of DNS traffic by application • Inability for companies that are responsible for user security to see potential compromise • Managing network issues and troubleshooting DNS issues • Losing the ability to filter content that is objectionable, malicious or dangerous at the DNS level
  3. DoH Concerns from a Security Perspective • Tools used by

    security companies (Passive DNS) will be impacted • Malicious DoH resolvers • Authoritarian regimes taking even more intrusive steps to monitor user activity • Network Layers being flattened • Local DNS will no longer work in the application using DoH
  4. Questions?

  5. Thanks for listening!