On 3/31/2021 2:15 PM, Bill Woodcock wrote:
> We have that:
> https://vaibhavbajpai.com/documents/papers/proceedings/dot-pam-2021.pdf
>
> That paper is about home measurements, and says:
>
> "Previous work [8,17,26] has studied the support and response times of
> DoT (and DoH). However, the studies performed response time measurements from
> proxy networks and data centers, which means that results might not
> appropriately reflect the latency of regular home users..."
>
> …and it's measuring latency rather than server-side load. I just checked
> with our engineers, and it sounds like the server load per-query is more
> like 3x-5x higher for the encrypted queries.

I think that's the big motivation behind DoQ. Because QUIC runs over
UDP, it makes some things easier than TCP. In particular, I have seen
(and done) demos of supporting 50,000 QUIC connections over a single UDP
socket, which is definitely easier on the system than trying to support
parallel wait on 50,000 TCP sockets. But this is a motivation to do work
on the subject, not a recommendation to change the way root servers
operate. I personally agree with the statement that root servers should
not rush to implement, but rather wait and see until the technology matures.
-- Christian Huitema
_______________________________________________
dns-privacy mailing list
https://www.ietf.org/mailman/listinfo/dns-privacy