IETF Logo Mail Archive

Re: [Add] DNR's SvcParams encoding

Erik Nygren <erik+ietf@nygren.org> Mon, 02 October 2023 19:30 UTC

Return-Path: <nygren@gmail.com>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C8C22C151064 for <add@ietfa.amsl.com>; Mon, 2 Oct 2023 12:30:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.405
X-Spam-Level:
X-Spam-Status: No, score=-1.405 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MbWDR4semgrw for <add@ietfa.amsl.com>; Mon, 2 Oct 2023 12:29:58 -0700 (PDT)
Received: from mail-wm1-f42.google.com (mail-wm1-f42.google.com [209.85.128.42]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A01AFC15107D for <add@ietf.org>; Mon, 2 Oct 2023 12:29:58 -0700 (PDT)
Received: by mail-wm1-f42.google.com with SMTP id 5b1f17b1804b1-405361bb94eso1476415e9.0 for <add@ietf.org>; Mon, 02 Oct 2023 12:29:58 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696274997; x=1696879797; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=g8H62kVc8LiAcrwO3w5eLF39+nAiqhfU4U0OvGxWO0U=; b=qtvzV5lG16azaSmxd5mwRvZ/BSm3kNqIk9gpuzz2+KbhyeMdBmxVKNyYufu5XKhz7V XzVK5vobEiuMIqGUEvRu9mmQlYHkRagygrBhUPLKqgp0LWyOHN21vv8+NMSLmP+AfaWy e4rKxndbOK86MZVfN8WnuelxJGI4ILPu0FcryIZZukyM/wBZUKekJJ0s6dMUUUlU2Rmt TZVViK7u8ov2iK9o0t4pp64bAhWm90BI+Jske75qIDWcNLOEaNCviqokJuubGb6F5tvO 5Et+22cSoJrzQ3DHKATImVQxyganLPHm0C4TVLHb+dey3gRxpppSf/DXDEc2PaU459a1 FqQA==
X-Gm-Message-State: AOJu0Yy9Iwl7X0VJB4m3R78bD1iTWV/JtopBD4Mq3vY2SQ8C6h0gZY6x k0tbKFYzqwy5N0jwP6mpUPxVGtOYMn1N7veRkcQ=
X-Google-Smtp-Source: AGHT+IGn1YdwonAUVXS3/CuF9yIytzFG1d48LDp6MRGumVfTgBkNxQ5i23JX9S4GH8sRl7Mman2ljUB2njp0zib2owA=
X-Received: by 2002:a5d:4052:0:b0:321:71be:3484 with SMTP id w18-20020a5d4052000000b0032171be3484mr10152469wrp.21.1696274996566; Mon, 02 Oct 2023 12:29:56 -0700 (PDT)
MIME-Version: 1.0
References: <DU2PR02MB101600E0EF4F9DFD31E64192F88C7A@DU2PR02MB10160.eurprd02.prod.outlook.com> <D707F587-DBFA-46E5-8B4E-63592E621875@apple.com>
In-Reply-To: <D707F587-DBFA-46E5-8B4E-63592E621875@apple.com>
From: Erik Nygren <erik+ietf@nygren.org>
Date: Mon, 02 Oct 2023 15:29:44 -0400
Message-ID: <CAKC-DJjMwB9Aite7FS+J8DzVjTpgyq+b5Qju_MnBYAmXADYBKQ@mail.gmail.com>
To: Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>
Cc: mohamed.boucadair@orange.com, Tommy Jensen <Jensen.Thomas=40microsoft.com@dmarc.ietf.org>, Chris Box <chris.box.ietf@gmail.com>, Ben Schwartz <bemasc=40meta.com@dmarc.ietf.org>, ADD Mailing list <add@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009ca2c70606c0cc16"
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/omzrIa767sc53UbR9q6f7aiyAHM>
Subject: Re: [Add] DNR's SvcParams encoding
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Oct 2023 19:30:02 -0000

I was also assuming this would be the wire format and am surprised that it
is presentation format (which was meant to just be in human-edited zone
files or other serializations).  I also suspect it was missed due to
referencing the section number without a description of which section so
readers jumped to the conclusion of which seemed obvious to them.  (eg,
wire format as being the obvious encoding for something on the wire.)

Much of the presentation format encoding is also specific to
representations in DNS zone files.  It took enough iterations to handle all
of the corner-cases around escaping and encoding, with some of that
referencing how DNS zone files assume things will be in presentation
format, that using presentation format on the wire is going to open up a
ton of opportunities for interop issues and bugs.  Even the section now
covering this ("Decoding text in zone files") is about zone files.

Lots of ambiguity issues start showing up if we include the presentation
format, as well as interop issues which are primarily addressed through the
wire format but not as clearly in the presentation format.  Some of these
also open up potentials for security vulnerabilities.

If we were to expect clients to interop by sending messages in presentation
format there are likely sets of design and security considerations which
we'd need to address which aren't addressed in the draft(s).

As an example, that "key1=\1522" and "alpn=h2" are the same thing and both
valid seems like a horrible thing to have to put into DHCP clients.

I'd be strongly in-favor of clarifying/fixing this to use wire format even
if it means delay in getting the cluster out.  (We should probably have the
drafts be clear that this is "wire format" in their text as well, not just
give a section reference.)

     Erik



On Sat, Sep 30, 2023 at 10:08 PM Tommy Pauly <tpauly=
40apple.com@dmarc.ietf.org> wrote:

> My impression is that the blob should be a binary-encoded blob. The DHCP
> server can be provisioned with the same data as a DDR server for these
> properties, and doesn’t require the router understanding the specific
> values contained within the blob.
>
> Regarding implementations, my impression is that we don’t yet have
> deployments of clients using this, so it’s not like this is too late. It
> also seems from this list that the majority of people assumed this was wire
> format, not string format. This does look like a bug in the spec.
>
> Tommy P
>
> On Sep 30, 2023, at 1:01 AM, mohamed.boucadair@orange.com wrote:
>
> 
>
> Hi Tommy,
>
>
>
> I have no problem to make a change if there is a bug, but it isn’t for
> this specific case.
>
>
>
> The rationale why we had 2.1 is to avoid requiring updating DHCP servers
> (or routers for RA) when new service parameters are defined. With the
> current approach, there is no need for server implementation to map a
> configured service parameter to an assigned IANA integer value in order to
> send it on the wire. The server just supplies the blob to clients (modulo
> validation in 2.1) which pass it to a DNS library.
>
> I also have a concern that we will be breaking existing implems such as
> the one I already cited.
>
>
>
> Cheers,
>
> Med
>
>
>
> *De :* Add <add-bounces@ietf.org> *De la part de* Tommy Jensen
> *Envoyé :* vendredi 29 septembre 2023 20:58
> *À :* Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>; Ben Schwartz
> <bemasc=40meta.com@dmarc.ietf.org>; ADD Mailing list <add@ietf.org>
> *Cc :* Chris Box <chris.box.ietf@gmail.com>
> *Objet :* Re: [Add] [EXTERNAL] Re: DNR's SvcParams encoding
>
>
>
> Merging forks.
>
>
>
> Med, I did the archaeology and also saw this was here since -01. I’m going
> to admit my part in this as a supporter of the wire format, both as a
> co-author and as a client implementor. I did not read carefully enough and
> assumed the reference to SVCB enabled the wire format, not the presentation
> format, given the reuse of parsers between DNR and DDR, along with the
> concerns Ben is likely referring to with presentation format on the wire.
>
>
>
> Anyway, the point isn’t that this is a new objection, just a failure on us
> collectively in determining that we ended up addressing what we thought was
> there. I’m as big a fan of DNR as the next person, though I now wish we had
> gotten to our prototype sooner.
>
>
>
> I don’t know what the process is for making this change, but even if it
> means pulling it back to the WG, I think we need to fix this before we are
> all stuck with 1) using text format on the wire, 2) all violating RFC, 3)
> doing an immediate -bis. I say that with all the pain of a co-author of two
> docs in this AUTH48 cluster, which I know others share. Silver lining: at
> least we do have time to discuss this, even if at the 11.99th hour.
>
>
>
> Thanks,
>
> Tommy
>
>
>
>
>
> *From:* Add add-bounces@ietf.org *On Behalf Of *
> mohamed.boucadair@orange.com
> *Sent:* Friday, September 29, 2023 10:53 AM
> *To:* Ben Schwartz bemasc=40meta.com@dmarc.ietf.org; Chris Box
> chris.box.ietf@gmail.com; ADD Mailing list add@ietf.org
> *Subject:* [EXTERNAL] Re: [Add] DNR's SvcParams encoding
>
>
>
> Hi all,
>
>
>
> It is surprising to raise this objection now given that text was there
> since -01: https://datatracker.ietf.org/doc/draft-ietf-add-dnr/01/ (May
> 2021) and the intent was clarified during the AD review. The rationale was
> to supply a blob in DHCP, not inherit DNS wire format.
>
>
>
> I even had a thread with Chris with that section explicitly mentioned:
> https://mailarchive.ietf.org/arch/msg/add/05eABH5YubZPoqj3wBMMdsdhTrg/.
>
>
>
> FWIW, I know that at least
> https://reports.kea.isc.org/dev_guide/d7/dee/classisc_1_1dhcp_1_1DnrInstance.html#a7f272a5323080bcf23228dc66c4069d5
> followed that encoding.
>
>
>
> Cheers
>
> *From:* Add <add-bounces@ietf.org> *On Behalf Of *Tommy Pauly
> *Sent:* Friday, September 29, 2023 11:23 AM
> *To:* Ben Schwartz <bemasc=40meta.com@dmarc.ietf.org>; ADD Mailing list <
> add@ietf.org>
> *Cc:* Chris Box <chris.box.ietf@gmail.com>
> *Subject:* [EXTERNAL] Re: [Add] DNR's SvcParams encoding
>
>
>
> I would also expect interpretation A. Agreed with Ben about concerns for B.
>
>
>
> I expect that this wasn’t caught since it is easy to not follow the
> Section 2.1 reference and assume it is applying to the wire format.
>
>
>
> Thanks,
>
> Tommy
>
>
>
> On Sep 29, 2023, at 10:33 AM, Ben Schwartz <
> bemasc=40meta.com@dmarc.ietf.org> wrote:
>
>
>
> I expected interpretation A, and would correct the reference to point to
> Section 2.2.  I would have serious concerns about publication under
> interpretation B.
>
>
>
> --Ben Schwartz
> ------------------------------
>
> *From:* Add <add-bounces@ietf.org> on behalf of Chris Box <
> chris.box.ietf@gmail.com>
> *Sent:* Friday, September 29, 2023 1:27 PM
> *To:* ADD Mailing list <add@ietf.org>
> *Subject:* [Add] DNR's SvcParams encoding
>
>
>
> *This Message Is From an Untrusted Sender *
>
> You have not previously corresponded with this sender.
>
> Hi everyone
>
>
>
> DNR is currently in the RFC queue, as part of a cluster in AUTH48 (
> https://www.rfc-editor.org/cluster_info.php?cid=C461).
>
> As part of recent implementation work, it's become apparent to me that
> there are two possible interpretations of DNR's description of the wire
> encoding of SvcParams.
>
>
> DNR draft 16 says this.
>
>
>
>    Service Parameters (SvcParams) (variable length):  Specifies a set of
>       service parameters that are encoded following the rules in
>       Section 2.1 of [I-D.ietf-dnsop-svcb-https].  Service parameters
>       may include, for example, a list of ALPN protocol identifiers or
>       alternate port numbers.  This field SHOULD include at least "alpn"
>       SvcParam.  The "alpn" SvcParam may not be required in contexts
>       such as a variant of DNS over CoAP where messages are encrypted
>       using OSCORE.  The service parameters MUST NOT include "ipv4hint"
>       or "ipv6hint" SvcParams as they are superseded by the included IP
>       addresses.
>
>
>
> I'll describe the two different ways to understand that.
>
>
>
> *Human interpretation A*
>
> Section 2.1
> <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-12#section-2.1>
>  is "Zone file presentation format". This interpretation considers that
> this section is simply a description of how such information would appear
> if it was in a zone file, and does not define a wire format. In the case of
> DNR, this implies that the wire format of the SvcParams field of the DHCP
> option ought to follow Section 2.2
> <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-12#section-2.2>
>  which is "RDATA wire format".
>
> An example DNR option response could be:
>
> Tag (0xA2)
>
> Length
>
> DNR Instance Data Length
>
> Service Priority (0x0001)
>
> ADN Length
>
> ADN (0x04 "doh1" 0x07 "example" 0x03 "com" 0x00)
>
> Addr Length
>
> Address (0xC0 0x0 0x2 0x1)
>
> SvcParams (0x0001 0x0002 "h2" 0x0007 0x0010 "/dns-query{?dns}")
>
>
> This is a format where the last part is similar to what a DDR client would
> receive in the answer to its SVCB request. So in that sense, DNR is similar
> to DDR.
>
>
> *Human interpretation B*
>
> Section 2.1
> <https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-12#section-2.1>
>  is followed literally, and therefore the wire format of the SvcParams is
> in zone file format.
>
> Tag (0xA2)
>
> Length
>
> DNR Instance Data Length
>
> Service Priority (0x0001)
>
> ADN Length
>
> ADN (0x04 "doh1" 0x07 "example" 0x03 "com" 0x00)
>
> Addr Length
>
> Address (0xC0 0x0 0x2 0x1)
>
> SvcParams ("alpn=h2 dohpath=/dns-query{?dns}")
>
>
> This obviously requires textual parsing by the recipient, which is
> different to DDR.
>
>
> My question to you all is: when you considered DNR during WGLC, which
> interpretation did you have? Rough concensus was declared, but I wonder
> whether we all had the same interpretation of the meaning of the text when
> we did so.
>
> Looking back, I see Eric did pick up on this ambiguity in his AD review:
> https://mailarchive.ietf.org/arch/msg/add/SFIpMWvnhzTkMDWKQkrl_jGMC6E/ He
> expressed doubt about interpretation B, but did not block. Unfortunately I
> did not see this exchange at the time.
>
>
>
> Which interpretation did you consider at the time?
>
>
>
> Chris
>
> --
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add
>
>
>
> ____________________________________________________________________________________________________________
> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>
> This message and its attachments may contain confidential or privileged information that may be protected by law;
> they should not be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
> Thank you.
>
> --
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add
>
> --
> Add mailing list
> Add@ietf.org
> https://www.ietf.org/mailman/listinfo/add
>

v2.23.0 | Report a Bug | By Email