> should the DNS and the data it holds be considered confidential?

i don't know. doing so could demand a DH exchange on every query, depending
on the threat model. and would demand at least some kind of work-preload for
every initiator, like an expensive hash of to
discourage zone walking. it's a much harder problem than NSEC2 addresses.

to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.