Evan Hunt wrote:
> On Wed, Mar 25, 2015 at 05:24:32PM -0700, Paul Vixie wrote:
> ...
>> that would be an overspecification. the spec should simply say "any
>> RRset, where the choice of which RRset is implementation-dependent".
>> some might go for oldest; some for smallest; some for first.
>
> My one suggestion is that it not be random; for any given set of
> two or more types at a node, a succession of ANY queries should
> all get back the same response. (Otherwise there's an unnecessary
> increase in leaked information, and RRL might not count the responses
> as duplicates.) That's why I initially suggested "numerically smallest
> rrtype present", but any repeatable selection criteria would be fine.

you make an excellent point. so, the spec might ask for repeatability, but not specify how that's to be achieved. it's still an information leak since the preferred type may have timed out of the cache, in which case an rdns would have to return the next thing on its priority list. (refetching should NOT be done!)

-- 
Paul Vixie
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
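The selection behaviour discussed in this thread, as an added example that is not part of either message or of any resolver's code: two repeatable policies for choosing the single RRset returned to an ANY query, next to a random one for contrast. The cache contents, the absolute-time expiry model and all function names are assumptions made for the illustration.

```python
import random

# Constructed cache for one node: rrtype number -> (absolute expiry time, rdata).
# Type numbers are the IANA values: A=1, MX=15, TXT=16, AAAA=28.
CACHE = {
    1: (300, ["192.0.2.1"]),
    15: (3600, ["10 mail.example."]),
    16: (900, ['"v=spf1 -all"']),
    28: (600, ["2001:db8::1"]),
}

def live_types(cache, now):
    """Types whose cached RRset has not yet expired at time `now`."""
    return sorted(t for t, (expiry, _) in cache.items() if expiry > now)

def pick_smallest(cache, now):
    """Repeatable policy: numerically smallest rrtype still cached."""
    live = live_types(cache, now)
    return live[0] if live else None

def pick_by_priority(cache, now, priority):
    """Repeatable policy: first live type on an implementation-chosen list.

    Expired entries are skipped, never refetched, so the answer moves to the
    next type on the list once the preferred one has timed out.
    """
    live = live_types(cache, now)
    for rrtype in priority:
        if rrtype in live:
            return rrtype
    return live[0] if live else None  # deterministic fallback

def pick_random(cache, now, rng):
    """Non-repeatable policy, shown only for comparison."""
    live = live_types(cache, now)
    return rng.choice(live) if live else None

def distinct_answers(picker, queries=50):
    """Set of rrtypes returned over a succession of identical ANY queries."""
    return {picker() for _ in range(queries)}

if __name__ == "__main__":
    rng = random.Random(0)
    print("smallest:", distinct_answers(lambda: pick_smallest(CACHE, 0)))
    print("random:  ", distinct_answers(lambda: pick_random(CACHE, 0, rng)))
    # The preferred type (A) expires at t=300; the answer shifts, no refetch.
    print("t=0:", pick_smallest(CACHE, 0), "t=300:", pick_smallest(CACHE, 300))
```

A repeatable policy yields one distinct answer per cache state, which is what lets response rate limiting treat the responses as duplicates; the change in answer at expiry is the residual leak noted in the reply.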