Mukund Sivaraman <[email protected]> wrote:
>
> During the "how-to-achieve-it" phase, attention should be given to not
> adding extra roundtrips (to keep it as close as possible to the RFC 1035
> UDP scenario). Various new facilities such as TCP's fast open, TLS false
> start, etc. should not be taken for granted - consideration should be
> given to the average and worst case scenarios, esp. queries in unseen
> zones to non-anycast-"cloud" nameservers that aren't "known".

Yes, I very much agree.

As I understand it, TLS false start is able to reduce the 2RTT TLS/1.2 handshake to 1.5RTT (same as a session resume). For TLS/1.3, cold starts and session resume are the same 1.5RTT, and sessions can also be resumed with 0RTT which is very yummy for the DNS. So if I'm allowed to assume TLS/1.3 then false start doesn't buy us anything.

The cold start time for DoT is 3RTT. For DNS-over-QUIC I think that could drop to 2RTT, or maybe 1RTT? I don't know QUIC's handshake. The warm start time should soon be 0RTT.

Tony.
-- 
f.anthony.n.finch <[email protected]> http://dotat.at/
champion the freedom, dignity, and well-being of individuals
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
