Hi all,
We have recently submitted an individual Internet-Draft entitled
"draft-li-qname-minimization-trade-offs":
-- Abstract
This document examines the current protocol policies and operational state of
QNAME Minimization (QMIN), defined in RFC 9156 [RFC9156]. While QMIN is a DNS
privacy mechanism, its existing implementation strategies introduce subtle
trade-offs between privacy and security. Specifically, current policies may
still present potential information leakage or introduce query amplification
potential. This informational document aims to alert protocol designers,
implementers, and users to these emerging challenges and suggests that a
careful re-evaluation and improvement of the QMIN mechanism are necessary to
fully mitigate these combined privacy and security risks.
File can be retrieved from:
https://www.ietf.org/archive/id/draft-li-qname-minimization-trade-offs-00.txt
We would appreciate any comments or feedback from the DNSOP community.
Thanks in advance for your time and input.
Best regards,
Qinxin Li
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
_______________________________________________
DNSOP mailing list -- [email protected]
To unsubscribe send an email to [email protected]
