Ilari Liusvaara <ilariliusva...@welho.com> wrote: > > Then there is RRSIG, which seems bit alarming. While direct queries > should not do anything special, I noticed two troublesome properties: > > 1) The answers can be pretty large (amplification hazard with UDP). > 2) The queries can be really slow compared to other types.
Yes. From an implementation perspective, RRSIG queries work in a very similar way to ANY queries. They have the advantage that no-one is likely to think an RRSIG query is useful, so it's reasonable to NOTIMP them. If QTYPE=ANY is forbidden for early data then QTYPE=RRSIG should be too. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ Plymouth: Variable 4 or less, becoming east 3 to 5 for a time. Smooth or slight becoming slight or moderate. Fair. Good. _______________________________________________ dns-privacy mailing list dns-privacy@ietf.org https://www.ietf.org/mailman/listinfo/dns-privacy