On Fri, 10 Nov 2023, David Conrad wrote:
>> DNSBLs have been around a lot longer than QNAME minimization.
>
> Not sure that’s relevant — I presume you’re not suggesting DNSBLs are a
> predominant use of the DNS.

In the overall Internet, no, but within the e-mail world it's probably the
majority of the traffic since mail servers do multiple DNSBL checks on
every incoming message.

>> They work(ed) fine without minimization and I don't think it is reasonable
>> to expect every mail system in the world to change their configuration
>> to work around our performance bug.
>
> I thought the point of QNAME minimization was to improve privacy.

In many cases it does that. Unfortunately, for DNSBLs (and maybe some
other applications) it is in effect a DDoS with no privacy improvement at
all.

As I think I said a few messages ago, I hope people have done traffic
studies so we can see if there are other situations like this that we
could fix at the same time.

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop