On 11/7/2019 22:56, @lbutlr wrote:
On 11 Jul 2019, at 10:52, Lefteris Tsintjelis via bind-users
<bind-users@lists.isc.org> wrote:
On 11/7/2019 15:35, Tony Finch wrote:
Lefteris Tsintjelis via bind-users <bind-users@lists.isc.org> wrote:
Why would you want something like that?
https://datatracker.ietf.org/wg/dprive/about/
If you are willing to sacrifice speed.
Not really. Using DOH servers now doesn’t have any noticeable impact on speed
of DNS.
Doesn't the packet size have any impact at all just by itself, excluding
packet encryption/decryption times? For me the difference was quite
noticeable when I first enabled DNSSEC, specially when I first tested it
with SHA256/512. Packets would easily exceed fragmentation limits and
that alone is just by using DNSSEC only! I don't know what the impact of
DOH would be on the packet size, but I am pretty sure it would be even
worst combined with DNSSEC, would it not?
Lefteris
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users