On Tue, Apr 6, 2021 at 2:41 PM John Levine <[email protected]> wrote: > In this application, no, because it's not doing a strict tree walk: > > _dmarc.newjersey.sales.bigcorp.wtf > _dmarc.sales.bigcorp.wtf > _dmarc.bigcorp.wtf > > The _dmarc tag means that none of the names is an ancestor of any of > the others. It could also look at, e.g., sales.bigcorp.wtf and see if > it has an NXDOMAIN and prune names below that, but I don't think that > approach is likely to win overall.
Sure, but if I query "_dmarc.newjersey.sales.bigcorp.wtf" and I get back an NXDOMAIN for "sales.bigcorp.wtf", I can eliminate at least one query, because I know right away that the second one in your list isn't there either. Extend that out to a name with a dozen or more labels in it and you're getting somewhere. -MSK
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
