As long as we're in UDP, with DNSSEC, and many NS, packet size in DNS will be a "thing" and revoking label compression pushes to fragments and/or TCP.
Personally, I think TCP is fine, and the emergence of long-lived bindings in DNS is fine, and this is a bit overblown as a problem. But, I get reminded by people just how long, deep and *old* the CPE embedded DNS footprint is. Which believes UDP at 512 is a "thing".

So basically, yes: you can turn it off. But. Is it wise?

-G

_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
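Added example, not part of the original message: a Python sketch that encodes the same NS RRset plus glue with and without RFC 1035 name compression and compares each size against the 512-byte UDP limit discussed above. The zone `example.com`, the 13 `nsN.example.com` names, the 192.0.2.x glue addresses and all function names are constructed for illustration.

```python
import struct

LEGACY_UDP_LIMIT = 512  # RFC 1035 payload limit assumed by old resolvers

def encode_name(name, offset, table, compress):
    """Encode a name starting at message offset `offset` (RFC 1035 4.1.4)."""
    labels = name.rstrip(".").split(".")
    out = b""
    for i, label in enumerate(labels):
        suffix = ".".join(labels[i:]).lower()
        if compress and suffix in table:
            # Pointer: two high bits set, then a 14-bit offset to the earlier copy.
            return out + struct.pack("!H", 0xC000 | table[suffix])
        if compress and offset + len(out) < 0x4000:
            table[suffix] = offset + len(out)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def decode_name(msg, pos):
    """Read the name at `pos`, following pointers with a hop limit."""
    labels, hops = [], 0
    while msg[pos]:
        if msg[pos] & 0xC0 == 0xC0:
            pos, hops = struct.unpack_from("!H", msg, pos)[0] & 0x3FFF, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
        else:
            labels.append(msg[pos + 1:pos + 1 + msg[pos]].decode("ascii"))
            pos += 1 + msg[pos]
    return ".".join(labels)

def build_ns_response(zone, servers, compress):
    """NS answer plus glue A records; returns the wire-format message."""
    table, n = {}, len(servers)
    msg = struct.pack("!6H", 0x1234, 0x8400, 1, n, 0, n)  # header, QR+AA set
    msg += encode_name(zone, len(msg), table, compress) + struct.pack("!2H", 2, 1)
    for ns in servers:  # answer section: <zone> NS <ns>
        msg += encode_name(zone, len(msg), table, compress)
        rdata = encode_name(ns, len(msg) + 10, table, compress)  # 10 fixed RR bytes
        msg += struct.pack("!2HIH", 2, 1, 3600, len(rdata)) + rdata
    for i, ns in enumerate(servers):  # additional section: glue A records
        msg += encode_name(ns, len(msg), table, compress)
        msg += struct.pack("!2HIH", 1, 1, 3600, 4) + bytes([192, 0, 2, i + 1])
    return msg

def compare(zone, servers):
    """Return (compressed_len, uncompressed_len) for the same records."""
    return tuple(len(build_ns_response(zone, servers, c)) for c in (True, False))

SERVERS = [f"ns{i}.example.com" for i in range(1, 14)]  # constructed sample: 13 NS

if __name__ == "__main__":
    for kind, size in zip(("compressed", "uncompressed"), compare("example.com", SERVERS)):
        verdict = "fits in 512" if size <= LEGACY_UDP_LIMIT else "over 512: truncation/TCP"
        print(f"{kind}: {size} bytes -> {verdict}")
```

The sample carries no DNSSEC records; adding RRSIGs would enlarge both variants.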
