Re: [Add] Fwd: New Version Notification for draft-schwartz-add-ddr-forwarders-00.txt

"STARK, BARBARA H" <bs7652@att.com> Fri, 24 September 2021 13:51 UTC

From: "STARK, BARBARA H" <bs7652@att.com>
To: 'Ben Schwartz' <bemasc=40google.com@dmarc.ietf.org>, 'ADD Mailing list' <add@ietf.org>
Date: Fri, 24 Sep 2021 13:50:41 +0000
Message-ID: <DM6PR02MB69247B06F32349B37CA9A728C3A49@DM6PR02MB6924.namprd02.prod.outlook.com>
References: <163223345857.28587.9301450225704997678@ietfa.amsl.com> <CAHbrMsDL-QKF-xn0Pz2FrrDoHHRoqKfBkuDoBkuZucDFh8KSQA@mail.gmail.com>
In-Reply-To: <CAHbrMsDL-QKF-xn0Pz2FrrDoHHRoqKfBkuDoBkuZucDFh8KSQA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/0dgMxN01tMEjftQTiHQMOjoUSCQ>
Subject: Re: [Add] Fwd: New Version Notification for draft-schwartz-add-ddr-forwarders-00.txt
List-Id: Applications Doing DNS <add.ietf.org>

Hi Ben,
I really like the idea presented in this draft. I think it could be very helpful to many end users – allowing automated upgrade to DoH for people behind DNS proxies who aren’t using any filtering in those DNS proxies.

I have just a few comments.
I think there needs to be a more complete definition of “non-public IP address” (or perhaps a more refined and specific set of IP addresses where this relaxed validation might be considered). I’m thinking it might be good to restrict to an IPv4 address on the same subnet, an IPv6 address in an on-link prefix, or 127.0.0.0/8. This latter would be for clients that make use of stub resolvers. Note that an IPv4 subnet and IPv6 on-link prefix could be comprised of globally routable addresses – so not necessarily “non-public” as some people might understand that word.
But since we’re all trying to head for IPv6, I think it’s good to recognize that the IPv6 address being advertised for DNS proxies tends to be from the delegated prefix and not ULAs. And it might be good if we could support this case.

I’m not too sure about the 6.1.1 mitigation solution related to implementing DNR. It’s not that it’s necessarily wrong -- it’s just not really a part of DDR-based discovery and there are no rules around how DDR and DNR interact.

I think the 6.1.2 and 6.1.3 mitigations should somehow be strongly recommended in conjunction with this technique. Though I understand the desire to avoid normative language, I still think it would be beneficial to use some lowercase recommending words.

BTW, I really like how short and readable the draft is. 😊
Thx,
Barbara


From: Add <add-bounces@ietf.org> On Behalf Of Ben Schwartz
Sent: Tuesday, September 21, 2021 9:25 AM
To: ADD Mailing list <add@ietf.org>
Subject: [Add] Fwd: New Version Notification for draft-schwartz-add-ddr-forwarders-00.txt

Hi ADD,

I've written a new draft regarding DDR and legacy DNS forwarders ("the 85% problem").  This replaces my previous proposed changes to the DDR draft.

Note that this draft's "intended status" is currently "Informational", on the theory that we are more likely to reach consensus (and stay within the charter) if we aren't trying to make normative rules about client policy details.

--Ben
---------- Forwarded message ---------
From: <internet-drafts@ietf.org>
Date: Tue, Sep 21, 2021 at 10:10 AM
Subject: New Version Notification for draft-schwartz-add-ddr-forwarders-00.txt
To: Benjamin Schwartz <bemasc@google.com>



A new version of I-D, draft-schwartz-add-ddr-forwarders-00.txt
has been successfully submitted by Benjamin Schwartz and posted to the
IETF repository.

Name:           draft-schwartz-add-ddr-forwarders
Revision:       00
Title:          Discovery of Designated Resolvers in the Presence of Legacy Forwarders
Document date:  2021-09-21
Group:          Individual Submission
Pages:          9
URL:            https://www.ietf.org/archive/id/draft-schwartz-add-ddr-forwarders-00.txt
Status:         https://datatracker.ietf.org/doc/draft-schwartz-add-ddr-forwarders/
Html:           https://www.ietf.org/archive/id/draft-schwartz-add-ddr-forwarders-00.html
Htmlized:       https://datatracker.ietf.org/doc/html/draft-schwartz-add-ddr-forwarders


Abstract:
   This draft describes how the Discovery of Designated Resolvers (DDR)
   standard interacts with legacy DNS forwarders, including potential
   incompatibilities and relevant mitigations.

Discussion Venues

   This note is to be removed before publishing as an RFC.

   Discussion of this document takes place on the mailing list
   (add@ietf.org), which is archived at
   https://mailarchive.ietf.org/arch/browse/add/.

   Source for this draft and an issue tracker can be found at
   https://github.com/bemasc/ddr-forwarders.




The IETF Secretariat
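
An added example, not part of the thread or of the draft: the reply above proposes scoping relaxed validation to an IPv4 address on the same subnet, an IPv6 address in an on-link prefix, or 127.0.0.0/8, and notes that such addresses can be globally routable. The Python sketch below compares that scope with one literal reading of "non-public". The range list, the function names and the sample host addresses are assumptions made for illustration (documentation prefixes stand in for globally routable space), and the host's own interface prefixes stand in for its on-link prefix list.

```python
import ipaddress

# Assumption: one literal reading of "non-public" (the draft's own definition
# is not quoted in the thread): private, loopback, link-local and ULA ranges.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]
LOOPBACK_V4 = ipaddress.ip_network("127.0.0.0/8")


def _within(addr, net):
    # An IPv4 address is never inside an IPv6 network and vice versa.
    return addr.version == net.version and addr in net


def is_non_public(resolver):
    """Literal reading: the resolver address falls in a reserved local range."""
    addr = ipaddress.ip_address(resolver)
    return any(_within(addr, net) for net in NON_PUBLIC)


def is_on_link_or_loopback(resolver, interface_addrs):
    """Scope suggested in the reply: same IPv4 subnet, IPv6 on-link prefix,
    or 127.0.0.0/8 (for clients that use a local stub resolver).

    interface_addrs: the host's own addresses with prefix length.
    """
    addr = ipaddress.ip_address(resolver)
    if _within(addr, LOOPBACK_V4):
        return True
    nets = [ipaddress.ip_interface(a).network for a in interface_addrs]
    return any(_within(addr, net) for net in nets)


def compare(resolver, interface_addrs):
    """Return (literal non-public?, within the suggested scope?)."""
    return (is_non_public(resolver),
            is_on_link_or_loopback(resolver, interface_addrs))


# Constructed sample hosts: 2001:db8:1:10::/64 plays the delegated prefix and
# 198.51.100.0/24 a subnet made of globally routable IPv4 addresses.
HOST = ["192.168.1.23/24", "2001:db8:1:10::23/64"]
HOST_PUBLIC_V4 = ["198.51.100.23/24"]

if __name__ == "__main__":
    for resolver in ("192.168.1.1", "2001:db8:1:10::1", "10.9.9.9", "127.0.0.53"):
        print(resolver, compare(resolver, HOST))
```

The two checks disagree in both directions: a forwarder advertised from the delegated prefix is on-link but fails the literal check, while a private or ULA address outside the host's own prefixes passes the literal check but is not on-link.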