Re: [dane] Behavior in the face of no answer?

Adam Langley <agl@imperialviolet.org> Mon, 07 May 2012 15:45 UTC

In-Reply-To: <4FA5D178.8030405@nic.cz>
References: <20120504023602.GA4683@mail.yitter.info> <CABcZeBO93n_C5detefBcOjAoswe2inGKDj65gQPDQmREyGnhAw@mail.gmail.com> <20120504112922.GB4929@mail.yitter.info> <CABcZeBPTTa07iUHo9XL5WrHGMYHwaQzs6xYtiF25O4Jek8E3RQ@mail.gmail.com> <20120504144426.GD4929@mail.yitter.info> <CABcZeBOM_0L42Rng75AsVda9u4G=FH8=OB8Qg=nQpL-BzRoBuQ@mail.gmail.com> <3FF36EBA-F8B1-4D66-BA00-E8E36A7E449D@kumari.net> <CABcZeBP2iRLa76rSXu4A0OwFxP=tqK1ShZ6wv=6wnaEC6uad+w@mail.gmail.com> <CAMfhd9XYS=9SGotCTwa7NJU4L8WFys2rDVsQZxn4a0wz+NxS3Q@mail.gmail.com> <6015A12B-8CA9-426B-9AFF-32CD4211DAB5@vpnc.org> <20120504165311.GB7394@mail.yitter.info> <4FA5D178.8030405@nic.cz>
Date: Mon, 7 May 2012 10:47:00 -0400
Message-ID: <CAMfhd9X-3sRZo3RBE5hNKHb50L+Xj-UuaVD7z9tdg7S9K2Q0Kw@mail.gmail.com>
From: Adam Langley <agl@imperialviolet.org>
To: Ondrej Mikle <ondrej.mikle@nic.cz>
Cc: dane@ietf.org
Subject: Re: [dane] Behavior in the face of no answer?
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Archive: <http://www.ietf.org/mail-archive/web/dane>

On Sat, May 5, 2012 at 9:18 PM, Ondrej Mikle <ondrej.mikle@nic.cz> wrote:
> Another goal of the scan is to find statistics on average/maximum size of
> DNSSEC-stapled structure (as Jim Schaad asked -
> https://www.ietf.org/mail-archive/web/dane/current/msg04694.html), which is
> heavily influenced by number of zones traversed by CNAMEs/DNAMEs (ask away if
> you're interested in other stats).

My (very rough) rule of thumb is that it's ~2.5KB.

Getting from . to a TLD is ~600 bytes. The TLDs tend to have a two-key
structure (I assume because updating DS records at the root is very
hard?), and that's about another ~1200 bytes. Most of the time I
assume that the record is sitting one zone above the TLD and that the
zone only has a single key. So that ends up being about 2000-2500
bytes in total.


Cheers

AGL

-- 
Adam Langley agl@imperialviolet.org http://www.imperialviolet.org
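The byte budget in the message above, worked through as an added example that is not code from the thread or from Adam Langley: a small model of the wire size of a DNSSEC chain built from the record formats in RFC 4034 (DNSKEY, RRSIG, DS) and RFC 3110 (RSA keys). The key layout (2048-bit KSK plus 1024-bit ZSK at the root and TLD, one 1024-bit key in the leaf zone), SHA-256 DS digests, the zone names and the TLSA owner name are all assumed parameters, not measured values. Going beyond the message, it also shows what Ondrej's scan is after: a CNAME into a second TLD adds a whole second chain that shares only the root DNSKEY set.

```python
"""Model the wire size of a DNSSEC chain of trust (a "stapled" chain).

Added example, not code from the thread. Record sizes follow the wire
formats in RFC 4034 (DNSKEY, RRSIG, DS) and RFC 3110 (RSA public keys);
names are counted uncompressed, so the figures are an upper bound. All
key sizes and names below are assumed parameters, not measured data.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

RR_FIXED = 10            # TYPE(2) CLASS(2) TTL(4) RDLENGTH(2) after the owner name
RSA_EXP_WIRE = 1 + 3     # exponent-length byte + 65537 (RFC 3110)
RRSIG_FIXED = 18         # type covered .. key tag, before the signer name (RFC 4034 3.1)
DS_FIXED = 4             # key tag(2) algorithm(1) digest type(1)
SHA256_LEN = 32


def wire_name_len(name: str) -> int:
    """Uncompressed wire length of a FQDN: one length byte per label plus the root byte."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return sum(1 + len(l) for l in labels) + 1


def dnskey_rr_len(owner: str, key_bits: int) -> int:
    """DNSKEY RR: flags(2) protocol(1) algorithm(1) + RSA key (exponent + modulus)."""
    return wire_name_len(owner) + RR_FIXED + 4 + RSA_EXP_WIRE + key_bits // 8


def rrsig_rr_len(owner: str, signer: str, key_bits: int) -> int:
    """RRSIG RR: fixed fields + signer name + RSA signature (modulus length)."""
    return wire_name_len(owner) + RR_FIXED + RRSIG_FIXED + wire_name_len(signer) + key_bits // 8


def ds_rr_len(child: str, digest_len: int = SHA256_LEN) -> int:
    """DS RR held in the parent, owned by the child zone name."""
    return wire_name_len(child) + RR_FIXED + DS_FIXED + digest_len


@dataclass(frozen=True)
class Zone:
    name: str
    ksk_bits: Optional[int]   # None: a single key signs both the DNSKEY set and the data
    zsk_bits: int


Group = Tuple[str, str]     # ("dnskey", zone) | ("ds", child) | ("rrsig", target)


def chain_records(zones: List[Zone], target: str) -> Dict[Group, int]:
    """Size of each record group needed to validate an RRset at `target`.

    zones runs root first, leaf zone last. Groups are keyed by what they
    prove so that two chains can be merged without double counting.
    The target RRset's own data (e.g. the TLSA record) is not included,
    only its RRSIG.
    """
    groups: Dict[Group, int] = {}
    for i, z in enumerate(zones):
        apex_signer = z.ksk_bits if z.ksk_bits is not None else z.zsk_bits
        apex = dnskey_rr_len(z.name, z.zsk_bits)
        if z.ksk_bits is not None:
            apex += dnskey_rr_len(z.name, z.ksk_bits)
        apex += rrsig_rr_len(z.name, z.name, apex_signer)   # RRSIG(DNSKEY) by the KSK
        groups[("dnskey", z.name)] = apex
        if i + 1 < len(zones):
            child = zones[i + 1].name                       # delegation: DS + RRSIG by the ZSK
            groups[("ds", child)] = ds_rr_len(child) + rrsig_rr_len(child, z.name, z.zsk_bits)
        else:
            groups[("rrsig", target)] = rrsig_rr_len(target, z.name, z.zsk_bits)
    return groups


def stapled_size(*chains: Dict[Group, int]) -> int:
    """Total bytes for one or more chains, counting shared groups once."""
    merged: Dict[Group, int] = {}
    for c in chains:
        merged.update(c)
    return sum(merged.values())


# Assumed key layout: 2048-bit KSK + 1024-bit ZSK at the root and TLD, one
# 1024-bit key in the leaf zone (the two-key TLD structure the message mentions).
ROOT = Zone(".", 2048, 1024)
COM = Zone("com.", 2048, 1024)
NET = Zone("net.", 2048, 1024)
EXAMPLE_COM = Zone("example.com.", None, 1024)
EXAMPLE_NET = Zone("example.net.", None, 1024)


def tlsa_chain_size() -> int:
    """Straight chain to a TLSA owner name, no CNAME."""
    return stapled_size(chain_records([ROOT, COM, EXAMPLE_COM], "_443._tcp.www.example.com."))


def cname_chain_size() -> int:
    """www.example.com CNAME into example.net: two chains sharing only the root keys."""
    a = chain_records([ROOT, COM, EXAMPLE_COM], "www.example.com.")   # proves the CNAME
    b = chain_records([ROOT, NET, EXAMPLE_NET], "cdn.example.net.")   # proves the target
    return stapled_size(a, b)


if __name__ == "__main__":
    for group, size in chain_records([ROOT, COM, EXAMPLE_COM], "_443._tcp.www.example.com.").items():
        print(f"{group[0]:7} {group[1]:28} {size:5} bytes")
    print("TLSA chain:", tlsa_chain_size(), "bytes")
    print("CNAME into another TLD:", cname_chain_size(), "bytes")
```

With these assumed parameters the straight chain comes out just under 2.5 KB, and the CNAME into a second TLD nearly doubles it, since only the root DNSKEY set is shared. The model deliberately leaves out name compression, the target RRset's own data and any EDNS or packet framing; the numbers that dominate are the RSA modulus sizes, because every key and every signature costs a full modulus length, so a zone that moves its ZSK from 1024 to 2048 bits adds 128 bytes to each DNSKEY and each RRSIG it contributes.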