In message <[email protected]>, Ted Lemon writes: > > On Feb 8, 2017, at 12:25 AM, Mark Andrews <[email protected]> wrote: > > And how does the server get the proof of non-existence? It needs > > to leak a query. > > If it has proof of non-existence for .alt cached, it doesn't need to ask > any further questions to deny the existence of any subdomain of .alt.
Which assumes agggressive negative caching. I'm going to make a realistic assumption that it will take 10+ years for there to be meaningful (>50%) deployment of aggressive negative caching. > Leaking a query to .alt is harmless. Is it? What reports are we going to see over the next 20 year of DITL data on *.alt. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
