rfc8467 — Search

US RFC 8484: DNS Queries over HTTPS (DoH)

…ental effort to offer guidance on choosing the padding length can be found in [ RFC8467 ]. Additionally, the use of the HTTPS default port 443 and the ability to mix DoH traffic with other HTTPS traffic on the same connection can deter unprivileged on-path devices from interferin…

2026-04-25 02:03 View archive →

US RFC 9539 - Unilateral Opportunistic Deployment of Encrypted Recursive-to-Authoritative DNS

https://datatracker.ietf.org/doc/rfc9539

… is out of scope of this document, but a reasonable suggestion can be found in [RFC8467]. 4. Guidance for Recursive Resolvers The protocol described in this document is OPTIONAL for recursive resolvers. This section outlines a probing policy suitable for unilateral adoption by an…

2026-04-24 10:13 View archive →

US RFC 9250: DNS over Dedicated QUIC Connections

https://www.rfc-editor.org/rfc/rfc9250

…perimental status "Padding Policies for Extension Mechanisms for DNS (EDNS(0))" RFC8467 . While Experimental, these recommendations are referenced because they are implemented and deployed for DoT and provide a way for implementations to be fully compliant with this specification…

2026-04-24 20:20 View archive →

US RFC 9180: Hybrid Public Key Encryption

https://rfc-editor.org/rfc/rfc9180

… this level of privacy should use a suitable padding mechanism. See TLS-ECH and RFC8467 for examples of protocol-specific padding policies. 9.8. Bidirectional Encryption As discussed in Section 5.2 , HPKE encryption is unidirectional from sender to recipient. Applications that re…

2026-04-24 10:40 View archive →

US RFC 9180: Hybrid Public Key Encryption

https://www.rfc-editor.org/rfc/rfc9180

… this level of privacy should use a suitable padding mechanism. See TLS-ECH and RFC8467 for examples of protocol-specific padding policies. 9.8. Bidirectional Encryption As discussed in Section 5.2 , HPKE encryption is unidirectional from sender to recipient. Applications that re…

2026-04-24 10:32 View archive →