IETF Logo Mail Archive

Re: [Add] Agenda and Revised Charter for the ABCD BoF

Patrick McManus <mcmanus@ducksong.com> Sat, 16 November 2019 05:05 UTC

Return-Path: <mcmanus@ducksong.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6CEDE12007C for <add@ietfa.amsl.com>; Fri, 15 Nov 2019 21:05:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ducksong.com header.b=pzhZC8EM; dkim=pass (2048-bit key) header.d=outbound.mailhop.org header.b=s72LRh2k
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kiNlQvniXnZu for <add@ietfa.amsl.com>; Fri, 15 Nov 2019 21:05:29 -0800 (PST)
Received: from outbound1b.ore.mailhop.org (outbound1b.ore.mailhop.org [54.200.247.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 595CC1200B6 for <add@ietf.org>; Fri, 15 Nov 2019 21:05:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1573880729; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=O7MGJICZ4meRx9/11EeaEbP1FIqmxCjsZknVxpkD3q8LbbST5XTInJWd1dgwjgoOZEbgVf0pFeYI8 Qvu7HLnkT5mq1eI0QbbH1Jy5+e1AWJEOGPlJuZm6k1Ri22Vsvv6dtQVCEOZYpZJ9JdYIpvoDA+6wTW DtAmdGLyW7JEoZxVZZnO8yIlBHC2J315qrx/uNB7ImaaHmCFeF4V14fatcNnOaj507yh8T1EkdU9z6 AC2Hj/2hNkPCO946Zr3t9gfd60Uz5mURZo+QrPen30f9F1mLispbqwMlzGUZYG/9Y+zJH5dKTf7KHE 3samFK9kQNW9tuJQgYxE4xPQQiExakA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:dkim-signature:dkim-signature:from; bh=CK9pfvhTOPCHl7n+GsdnWvNVMOkTBekmBAKqW9Yr3vk=; b=GkJbP5ERdoxOIog9Pq2kiJkmKX4n/C0TIkQCCsbt6h3NU4aUAFW3zhziEHYAkLvM2fIpZjUvQRhFB l7mm28IFP95q0EP24v1c2EGBlfWtjQ6fFZkhgDxIhTWoDKbSrbhjuqHdWeRu6DXjhZhpyoI8C5ajvY isPrIQG/P2B9SuaPt6czg9JCY5vneMvANLaFog9n2dgZgVx974L6K4245vTmcP8Y/J3xaQvDGijycF J0if1Vr+/wc4Lvzc6RmTxGk6gsPRhptT5KB9DhNxGPC1K356RaaoLl6pcAp4rXtPcTIbofIa69QW/+ 1Yy+wGwcQOViyxk4Hs6flXhw6lmPnwA==
ARC-Authentication-Results: i=1; outbound3.ore.mailhop.org; spf=pass smtp.mailfrom=ducksong.com smtp.remote-ip=209.85.167.180; dmarc=none header.from=ducksong.com; arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ducksong.com; s=duo-1537391512170-ea99bbb3; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=CK9pfvhTOPCHl7n+GsdnWvNVMOkTBekmBAKqW9Yr3vk=; b=pzhZC8EMdYm5e5nK7L3OioXQ2Q8HWF2i5Sfl+GkOxHW7Hq8tf0UcAyCilsqc5mrrd2fJWJYN2Iycv LTV2EkJjP7uVhpXkfnWpQ4sz9FeiijonDedLJXqr5CaNepejWcNu8Vrm+ZC2bVKJI+n9NqkCaB+aPa dmYj1/K7P1J2bkEI=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=CK9pfvhTOPCHl7n+GsdnWvNVMOkTBekmBAKqW9Yr3vk=; b=s72LRh2kqOHXKOw0WhtPWBmzf3V2/Kg635JDPKQR1eHpW+J+JARILhmkytukHfy09YBWTs/wCO1sm yl2XulJM77olLhBXTgql/+MdqTlsRmRca5Yvw91WjF5s0XIzRraVEfp+5RPYHENwiAPDNKNE6FyQzd CK0LC/v/JCQP0p+ltdjSJBnwJH4bA60cmPPvwX30jVgqRSL1kJW9awJnYKV+xTB7rkq1SFcZ0YD0qy ikMKUEAvQp1DfTXlUIq6AuQF86dHlxr7byM4nzBs2A6g4FbIWtWg0WGY3+c9tO437Q9POtr2zg19Wp C/uPgxGYTpq/HB9pKCFB7UFlDYQku9g==
X-MHO-RoutePath: bWNtYW51cw==
X-MHO-User: b38810ac-082e-11ea-b80c-052b4a66b6b2
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 209.85.167.180
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from mail-oi1-f180.google.com (unknown [209.85.167.180]) by outbound3.ore.mailhop.org (Halon) with ESMTPSA id b38810ac-082e-11ea-b80c-052b4a66b6b2; Sat, 16 Nov 2019 05:05:26 +0000 (UTC)
Received: by mail-oi1-f180.google.com with SMTP id e9so10578518oif.8 for <add@ietf.org>; Fri, 15 Nov 2019 21:05:26 -0800 (PST)
X-Gm-Message-State: APjAAAWfnbeb78fh7elxcF3cUjjUnizKsVLhA3+NMCDAtYJbV2SwvYYb ttWH2k2KQ8tAq/WSrFLlxZI1lTu4m0PW3FZg5zw=
X-Google-Smtp-Source: APXvYqxqtFoKMSZpha5DNaFz5vb2t6drgbEznVqVpa7a4F1Up/HBXVJj9V42xsVHnKhLj7SslKC4tdmsI73CBdT0bnI=
X-Received: by 2002:aca:adc1:: with SMTP id w184mr10277739oie.138.1573880725966; Fri, 15 Nov 2019 21:05:25 -0800 (PST)
MIME-Version: 1.0
References: <CAHbrMsCcmFH2Kk2fEPeUvW25HBz22YUczYebfia5ofLqHcDkqA@mail.gmail.com> <254AEFB0-F930-466B-8BB6-707D5CE72657@fl1ger.de> <CAHbrMsBH+2zem_BmQjAvMzSNSi+cSAPm75sGX+rx-BKz4GHotA@mail.gmail.com>
In-Reply-To: <CAHbrMsBH+2zem_BmQjAvMzSNSi+cSAPm75sGX+rx-BKz4GHotA@mail.gmail.com>
From: Patrick McManus <mcmanus@ducksong.com>
Date: Sat, 16 Nov 2019 00:05:13 -0500
X-Gmail-Original-Message-ID: <CAOdDvNq5iHxGVEOPM15orO+K4FOv8v0BrxuWFWgkaQLs9i=O0A@mail.gmail.com>
Message-ID: <CAOdDvNq5iHxGVEOPM15orO+K4FOv8v0BrxuWFWgkaQLs9i=O0A@mail.gmail.com>
To: Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>
Cc: Ralf Weber <dns@fl1ger.de>, ADD Mailing list <add@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009718c805976fa9f7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/gGnsUL-9aEHvzmDandDguzN77Ik>
Subject: Re: [Add] Agenda and Revised Charter for the ABCD BoF
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Nov 2019 05:05:32 -0000

This charter just seems like a suggestion for a perpetual forum to argue
and, afaict, isn't actually expected to produce anything.. it just has some
things that if they were published would belong in the proposed wg.

Please don't make us collectively relive the ADD side meeting every full
meeting.

My suggestion: If the proponents believe that a group can publish a
document on (e.g.) "Communicating configuration between the network,
operating system, and applications" please write a charter with that as the
goal of the group and the BoF can do the usual thing of deciding whether
that is a problem worth solving, is well understood, and has a chance of
success. If it works out - recharter the group for new work.

As is the charter fails those tests by putting everything in scope but
requiring nothing at the same time.

-Patrick


On Thu, Nov 14, 2019 at 1:14 PM Ben Schwartz <bemasc=
40google.com@dmarc.ietf.org> wrote:

>
>
> On Thu, Nov 14, 2019 at 7:42 AM Ralf Weber <dns@fl1ger.de> wrote:
>
>> Moin!
>>
>> On 13 Nov 2019, at 2:32, Ben Schwartz wrote:
>> > Please review the agenda and proposed charter, and join us next week
>> > for a
>> > full discussion.
>>  From the proposed charter:
>> > This working group will consider technical drafts on DNS client
>> > configuration, especially with a focus on the following items where
>> > technical consensus seems obtainable:
>> >
>> > - Communicating configuration between the network, operating system,
>> > and
>> > applications
>> > - Discovery of resolvers and their capabilities and behaviors
>> > - Query routing in a multi-resolver environment
>> This is ambiguous.
>
>
> I think this is very closely related to the next entry on the list, so we
> should understand them together.  Perhaps they should be combined
>
>
>> If it describes the current /etc/resolv.conf that’s
>> fine,
>
>
> That would be in-scope (and there has been some innovation here related to
> retry behavior, load spreading, etc. which could be documented).
>
> but I fear that it describes something where you ask “resolver
>> A” for example.com and “resolver B” for example.net.
>
>
> I think designs of this kind would also be in-scope.
>
>
>> I don’t think that there is consensus for such an approach.
>>
>
> I don't think there is a single approach here; it seems to me that there
> is a vast range of possible client behaviors related to multiple
> resolvers.  Recommending a single behavior universally might be
> controversial, but I think there is plenty of room for productive technical
> discussion in this area without triggering reflexive disagreement.
>
>
>> > - Multiple non-equivalent query paths, such as split-horizon DNS or
>> > geo-sensitive answers
>>
>
> As an example of the kinds of issues that come up here, consider Mozilla's
> default behavior [1], in which an NXDOMAIN response from the primary
> resolution path triggers a retry of the query on a second resolution path.
> This is an interesting choice with particular privacy, security,
> compatibility, and performance properties.  Perhaps it's worth specifying
> this solution in more detail, or perhaps defining a range of solutions with
> different properties.  I believe we can discuss the properties of different
> stub state-machines without debating Mozilla's method for choosing the
> primary resolver.
>
> [1]
> https://support.mozilla.org/en-US/kb/dns-over-https-doh-faqs#w_how-does-firefox-handle-split-horizon-dns
> <https://support..mozilla.org/en-US/kb/dns-over-https-doh-faqs#w_how-does-firefox-handle-split-horizon-dns>
>
>
>> > - Local DNS caches (e.g. partitioning, use of stale records)
>> > - Resilience and fault-tolerance (e.g. single points of failure)
>> > - Support for debugging and analysis
>> > - DNS Push (accepting responses to queries that have not yet been
>> > issued)
>> Same thing I don’t think that there is consensus on this.
>
>
> We don't need consensus that a topic is worthwhile in order to include it
> in a working group charter.  We merely need to believe that there is some
> positive interest and potential for a technical consensus to emerge without
> derailing the working group's other topics.
>
>
>> I personally
>> think it is a bad idea, but I seem to recall from earlier discussions
>> that others agreed with me. IMHO this belongs in the relevant, but more
>> challenging for  consensus building category.
>>
>
> I don't think this topic is particularly controversial, and versions of
> this idea have been considered previously without major incident, e.g.
> [2].  This is purely a performance question; there is little security
> relevance, because we are speaking about answers delivered from the same
> resolver and query path as all the other DNS responses.
>
> In any case, RFC 8484 DoH already defines DNS Push (Section 5.3), along
> with some rules about when it cannot be used.  It does not, however,
> provide any additional guidance that might support practical use, and has
> some significant limitations.  Including this topic would allow us to
> improve the specification of DNS Push, or indeed deprecate it if that is
> the technical consensus.
>
> [2] https://tools.ietf.org/html/draft-wkumari-dnsop-multiple-responses-05
>
> So long
>> -Ralf
>> —--
>> Ralf Weber
>>
> --
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add
>

v2.23.0 | Report a Bug | By Email