Re: [dnsext] FR: An argument against 0x20 and mitigation by standard labels
Dean Anderson
On Wed, 22 Oct 2008, Nicholas Weaver wrote:
>
> On Oct 22, 2008, at 3:07 AM, George Barwood wrote:
>
> > A possible argument against 0x20 is that administrators, in order to
> > lessen the load on their authoritative name servers from resolvers
> > that implement 0x20 and repetition, may start using long labels.
> >
> > This could lead to increased memory requirement for caches.
>
> I don't think this is a concern:
>
> Lets take a resolver that has 1 Million! cache entries. At an extra
> 10B a label (for extra 0x20-padding on names?), this would be a
> whopping 10MB of memory. Suppose the same resolver has 100M active
> cache entries. Thats still just 1 GB. Or about $30.
>
> So who cares about the memory usage of slightly longer names?
Once that 1G gets paged out, you care.
But I think this 'entropy' in names business is just nonsense anyway. I
am sure I won't be running it, nor advising anyone else to run it.
Same for DNSinSEC, err DNSSEC. Sorry I can't give a more detailed
response now, but I'm busy writing up a paper for NTIA on DNSSEC
insecurity.
--Dean
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000
--
to unsubscribe send a message to namedroppe...@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>