On 11/10/2023, Paul Wouters wrote:
> On Fri, 10 Nov 2023, John R Levine wrote:
>
>> Subject: [DNSOP] QNAME minimization is bad
>>
>> Well, not always bad but sometimes.
>
> A bit misleading subject :P
>
>> I'd like to write a draft that updates RFC 9156 by describing
>> situations like this that caches could recognize and avoid useless
>> churn, added to section 2.3 which already suggests special casing
>> underscored labels.
>
> Couldn't the RBLs add an underscore in their base zone name to trigger
> the special casing in 9156? That would not require a new RFC and
> perhaps might not require code updates?

The current situation represents countless software packages that would
need to be reworked to accommodate a new QNAME request starting with an
underscore. It's a bit of a heavy lift. While I personally believe it
would be better to get these sorts of queries out of DNS, this again
points to the install base problem, still also a heavy lift.

One thing that is of interest to me: there appears to be no way for the
owner of the dataset being queried (they should understand what exists
in their zones better than anyone else) to signal that beneath this
domain cut you should just request the full QNAME.

I also suspect (perhaps I missed it) that modifying the values in SOA
returned for NOERROR + NODATA would be of value for negative caching.
Again, the data owners should have a better understanding of their zones
than anyone else.

--
Denny Watson
Lead Investigator
The Spamhaus Project