On Tue, Aug 24, 2021 at 05:23:31AM -0700, Éric Vyncke via Datatracker wrote:
> -- Section 2.1 -- > I support Erik Kline's COMMENT on this and am raising it to a blocking > DISCUSS. > > A/ in all the discussion in the last §, a AAAA would have the same benefit > when > compared to a NS QTYPE. Or what did I miss ? Actually, it might not be quite as effective in practice. The reason is that "AAAA" records are absent more often than "A" records, and when "A" records are present, but "AAAA" records are not, "AAAA" queries elicit a "denial of existence" response. Unfortunately, broken denial of existence, though rare, is not as infrequent as I'd like. I see a non-negligible set of names where "A" queries return answers, but "AAAA" queries SERVFAIL. I am not aware of any advantage to using "AAAA" for the qname minimisation queries, so "A" appears to me to be the better choice. Examples: https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/mail.ajsuarez.com.html https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/mail.puz.de.html https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/gloria.sntech.de.html https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/mx1.espresso-gridpoint.net.html https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/exchange.hctec.net.html https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/fallback.hctec.net.html -- Viktor. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop