On Tue, Aug 24, 2021 at 05:23:31AM -0700, Éric Vyncke via Datatracker wrote:
> -- Section 2.1 --
> I support Erik Kline's COMMENT on this and am raising it to a blocking
> DISCUSS.
>
> A/ in all the discussion in the last §, a AAAA would have the same benefit
> when
> compared to a NS QTYPE. Or what did I miss ?
Actually, it might not be quite as effective in practice. The reason is
that "AAAA" records are absent more often than "A" records, and when "A"
records are present, but "AAAA" records are not, "AAAA" queries elicit a
"denial of existence" response.
Unfortunately, broken denial of existence, though rare, is not as
infrequent as I'd like. I see a non-negligible set of names where "A"
queries return answers, but "AAAA" queries SERVFAIL.
I am not aware of any advantage to using "AAAA" for the qname
minimisation queries, so "A" appears to me to be the better choice.
Examples:
https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/mail.ajsuarez.com.html
https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/mail.puz.de.html
https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/gloria.sntech.de.html
https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/mx1.espresso-gridpoint.net.html
https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/exchange.hctec.net.html
https://dnssec-stats.ant.isi.edu/~viktor/dnsviz/qmin.d/fallback.hctec.net.html
--
Viktor.
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
