I think that we have to go back to the original goal, to reduce leakage of information so that we only disclose where there is a need to know.
The authoritative does not need to know who is making the request. The TLD does not need to know the complete query. At some point a recursive somewhere does need to know that a query is being made. That puts client/resolver leakage in a different category to client/authoritative. Yes protecting that data might warrant investigation. Yes, I and others can suggest schemes that would provide that protection. No, this is not costless. No this is not a low hanging fruit. No this should not be our focus in DPRIV right now.
_______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy