Wes, all,
thanks for putting together draft-ietf-dnsop-nsec3-guidance. I have
one small comment regarding section 2.2 (Flags):
In some deployments of larger (eg TLD), in-memory zone size on the
authoritative servers is a significant issue, particularly if the
total memory size required is multipl
On Fri, 3 Sep 2021, Alexander Mayrhofer wrote:
In some deployments of larger (eg TLD), in-memory zone size on the
authoritative servers is a significant issue, particularly if the
total memory size required is multiplied by hundreds of anycast nodes.
Why would you calculate the cost of memory
On 03/09/2021 09.32, Paul Wouters wrote:
I guess with aggressive nsec, you might even gain some CPU cycles back
for that extra memory used, and receive less queries too? Saving you
some money?
I think these savings won't be significant in delegation-centric zones
that are huge enough to consi
On 03/09/2021 09.48, Vladimír Čunát wrote:
you can't expect them[resolvers] to keep a significant fraction of
huge zones in cache
That being said, if a zone with (only) a couple million entries is
*attacked*, it can be realistically protected by aggressive caching. A
cache of a couple GB see
On 03/09/2021 08:32, Paul Wouters wrote:
> I myself think we have reached the point where memory on nodes is so
> cheap, it is not worth the security degradation to use opt-out.
Generic DIMMs are indeed cheap.
However, supported ones from server vendors such as Dell have a retail
price about
All,
We had a lighter meeting, as we missed Warren. Focus on Interim planning.
See below.
Thanks
Benno/Suzanne/Tim
# Chairs Meeting Notes
This File:
https://github.com/ietf-wg-dnsop/wg-materials/blob/main/chairs-notes-2021.md
Doc Status:
https://github.com/ietf-wg-dnsop/wg-materials/blob/mai
Reviewer: Jean Mahoney
Review result: Ready with Nits
Reviewer: Jean Mahoney
Review result: Ready with nits
A well-written, easy-to-read document. Love Appendix A!
Question about Appendix A.2 and Updates - Should this document also update RFC
1536?
Current text in A.2:
The informational doc
