On Jan 17, 2024, at 05:15, Bellebaum, Thomas <thomas.belleb...@aisec.fraunhofer.de> wrote: > > 1. Caching of unrequested RRs would actually be fine, if they are > properly signed. At worst, a resolver would cache irrelevant records.
This is not entirely true. By tailoring someone’s cache you might be able to track them. There is definitely a privacy aspect here. > 2. It is the usage of irrelevant records by the application which is > causing the problem. You could reproduce this problem without any > caches involved. They could become relevant later on when they are already in the cache ? Eg the google.con example ? The user later on browses google.com. This is not an application using “irrelevant records” Paul _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop