IETF Logo Mail Archive

Re: [dispatch] Initial version of draft-hoffman-dispatch-dns-over-https

Patrick McManus <pmcmanus@mozilla.com> Tue, 27 June 2017 15:50 UTC

Return-Path: <pmcmanus@mozilla.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE836129A9F for <dispatch@ietfa.amsl.com>; Tue, 27 Jun 2017 08:50:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.734
X-Spam-Level:
X-Spam-Status: No, score=-0.734 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_SORBS_SPAM=0.5, SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id irTd9PTC_nPQ for <dispatch@ietfa.amsl.com>; Tue, 27 Jun 2017 08:50:29 -0700 (PDT)
Received: from linode64.ducksong.com (www.ducksong.com [192.155.95.102]) by ietfa.amsl.com (Postfix) with ESMTP id E7C38129ADF for <dispatch@ietf.org>; Tue, 27 Jun 2017 08:50:28 -0700 (PDT)
Received: from mail-qt0-f177.google.com (mail-qt0-f177.google.com [209.85.216.177]) by linode64.ducksong.com (Postfix) with ESMTPSA id 1FFF63A019 for <dispatch@ietf.org>; Tue, 27 Jun 2017 11:50:28 -0400 (EDT)
Received: by mail-qt0-f177.google.com with SMTP id f92so27853529qtb.2 for <dispatch@ietf.org>; Tue, 27 Jun 2017 08:50:28 -0700 (PDT)
X-Gm-Message-State: AKS2vOz9eXWDfuzyYEaUQMGProhEWZw0mSCKJ4DzPM1cK9wQ7scY3r5n jxIcE+keAHyibhh5QHl8tOD3ziC0dQ==
X-Received: by 10.237.50.132 with SMTP id z4mr7787856qtd.31.1498578627857; Tue, 27 Jun 2017 08:50:27 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.12.183.85 with HTTP; Tue, 27 Jun 2017 08:50:27 -0700 (PDT)
In-Reply-To: <4CC73563-67A5-4683-851C-9E2A4B8F8032@mnot.net>
References: <88C327F9-3124-40CE-B1CB-4A8F8870746D@icann.org> <4CC73563-67A5-4683-851C-9E2A4B8F8032@mnot.net>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Tue, 27 Jun 2017 08:50:27 -0700
X-Gmail-Original-Message-ID: <CAOdDvNouCJHJngOQvvqxpH52Umg5Ztw_58nzjfhLODM0bmLKGw@mail.gmail.com>
Message-ID: <CAOdDvNouCJHJngOQvvqxpH52Umg5Ztw_58nzjfhLODM0bmLKGw@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: Paul Hoffman <paul.hoffman@icann.org>, Patrick McManus <mcmanus@ducksong.com>, "dispatch@ietf.org" <dispatch@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c124602c815740552f306bc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/Ph3DWEPBC75FtX98boITNIxsHU0>
Subject: Re: [dispatch] Initial version of draft-hoffman-dispatch-dns-over-https
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jun 2017 15:50:32 -0000

On Mon, Jun 26, 2017 at 9:17 PM, Mark Nottingham <mnot@mnot.net> wrote:

>
>
> I think it's a mistake to bifurcate the request style so fundamentally;
> it's HTTP tunnelling at its worst.
>

I'm going to push back on the tunnel terminology at least a little bit
(while acknowledging one of the use cases has lots of properties of
tunnels) the DoH approach tries to emphasize flexible typing and caching in
order to leverage the HTTP ecosystem. The typing is particularly useful, I
think. Refining that is certainly a goal of any future iterations of the
draft.


> The GET-style request in your example (which I think is pretty
> representative) uses 44 octets to encode the body; the POST serialisation
> is 33 octets. However, with HPACK's huffman encoding (remember, you're
> requiring HTTP/2), that goes down to 34 bytes.
>
> Are we really that sensitive to on-the-wire size? To me, the cache
> efficiency gains as well as simplicity more than make up for a 3%
> difference. The statement that "POST-ed requests are smaller" isn't going
> to be true, in pathological cases.
>
>
So size is one concern that motivates the POST definition but there are
others that should probably be articulated. Most significantly request
header mechanisms that apply to the request message body don't apply well
to GET other than the content-type encoded into the GET URI (which is a
rather unfortunate wart without adding more such warts on). From a size
perspective obviously compression might be a win for POST but not for GET
but I'm also trying to be a pragmatist when thinking about whether 415
applies naturally to the GET mode.

If we were to have only one, and that is a reasonable thing to at least
discuss about a standard (the current situation is definitely a tradeoff,
though one I support), I'd actually be inclined to go POST only to more
naturally delineate the messages in each direction. That of course leads to
the cache discussion - and we know as spec-heads that there's nothing wrong
with caching POST in this model - but we also know that it won't happen.
Thus this flavor of  pragmatism while acknowledging there are 30 other
flavors available on the menu.


> Why shouldn't DNS API servers be able to generate ETags based upon their
> internal state, to reduce outbound bandwidth?
>
>
we should give it a full airing wherever this gets dispatched to, but 2
thoughts:
1 - iirc this boils down to an interaction between the DNS TTL embedded in
the response and the 304.. you really do conceptually need a new DNS entry,
but if its byte-for-byte the same I agree the server could 304 that with
appropriate cache controls. we should figure out the right language to
thread that needle.

2 - these responses are good candidates for immutable

v2.23.0 | Report a Bug | By Email