Hi all,

I've reviewed version 13 of draft-ietf-opsawg-mud-tls for dnsdir and found only few things in the 'nits' category.

1. DoT (dns over tls) is mentioned but there is no reference to RFC 7858, might be good to add a reference (to the Introduction section)?
2. DoT traffic itself might be more traceable because it runs on a different port (853) - unsure if the authors want/need to say more about this? 

Paragraph 4.2 "Encrypted DNS" looks correct to me.

Regards,
Miek