On Fri, Jul 31, 2020 at 10:32:17PM +0200, Peter van Dijk wrote:
> On Thu, 2020-07-23 at 12:57 +0100, [email protected] wrote:
> > Are you saying we shouldn't have a list of allowed RR types at all and just
> > limiting to QUERY messages is enough? I asked this question at the last
> > meeting and the responses were mixed.
>
> Looking at the list of types, I can't even guess why these types would
> be safe and others would not be. If you're going to have a list, it
> would be good to explain why those types are on it and the rest is not.

You still need an explanation even if there's not a specific list (vs. just
"all types are allowed"). An application profile allowing the use of TLS
0-RTT data needs to identify which messages are safe to use with 0-RTT and
I'm quite willing to put up a Discuss point if such guidance is not backed
by compelling reasoning.

-Ben
