Re: [dispatch] Initial version of draft-hoffman-dispatch-dns-over-https
"Paul Hoffman" <paul.hoffman@vpnc.org> Tue, 27 June 2017 14:49 UTC
Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82312129B59 for <dispatch@ietfa.amsl.com>; Tue, 27 Jun 2017 07:49:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hIEePRjXeLAf for <dispatch@ietfa.amsl.com>; Tue, 27 Jun 2017 07:49:30 -0700 (PDT)
Received: from mail.proper.com (Opus1.Proper.COM [207.182.41.91]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D9672129B51 for <dispatch@ietf.org>; Tue, 27 Jun 2017 07:49:29 -0700 (PDT)
Received: from [169.254.168.162] (142-254-101-176.dsl.dynamic.fusionbroadband.com [142.254.101.176]) (authenticated bits=0) by mail.proper.com (8.15.2/8.14.9) with ESMTPSA id v5REmM4l051141 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 27 Jun 2017 07:48:24 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
X-Authentication-Warning: mail.proper.com: Host 142-254-101-176.dsl.dynamic.fusionbroadband.com [142.254.101.176] claimed to be [169.254.168.162]
From: Paul Hoffman <paul.hoffman@vpnc.org>
To: Mark Nottingham <mnot@mnot.net>
Cc: Paul Hoffman <paul.hoffman@icann.org>, Patrick McManus <mcmanus@ducksong.com>, "dispatch@ietf.org" <dispatch@ietf.org>
Date: Tue, 27 Jun 2017 07:49:02 -0700
Message-ID: <3302E029-063B-4CDF-9861-DEB6CFA09B0C@vpnc.org>
In-Reply-To: <4CC73563-67A5-4683-851C-9E2A4B8F8032@mnot.net>
References: <88C327F9-3124-40CE-B1CB-4A8F8870746D@icann.org> <4CC73563-67A5-4683-851C-9E2A4B8F8032@mnot.net>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
X-Mailer: MailMate (1.9.6r5347)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/nQjxbNXBOEf7RRBWE5wSoj4U2Zk>
Subject: Re: [dispatch] Initial version of draft-hoffman-dispatch-dns-over-https
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jun 2017 14:49:31 -0000
On 26 Jun 2017, at 21:17, Mark Nottingham wrote:
Issues will be opened for all of these.
> """
> A DNS API Client encodes the DNS query into the HTTP request using
> either the HTTP GET or POST methods.
>
> When using the POST method, the DNS query is included as the
> message
> body of the HTTP request and the Content-Type request header
> indicates the media type of the message. POST-ed requests are
> smaller than their GET equivalents.
> """
>
> I think it's a mistake to bifurcate the request style so
> fundamentally; it's HTTP tunnelling at its worst.
>
> The GET-style request in your example (which I think is pretty
> representative) uses 44 octets to encode the body; the POST
> serialisation is 33 octets. However, with HPACK's huffman encoding
> (remember, you're requiring HTTP/2), that goes down to 34 bytes.
>
> Are we really that sensitive to on-the-wire size? To me, the cache
> efficiency gains as well as simplicity more than make up for a 3%
> difference. The statement that "POST-ed requests are smaller" isn't
> going to be true, in pathological cases.
The bifurcation was not at all due to size, but instead the likelihood
of HTTP caching. As the draft says in the paragraph after the quoted
ones: "Using the GET method is friendlier to many HTTP cache
implementations." We recognized that POST-ed requests can be cached,
they rarely are. Also, not needing to encode the GET means that a client
that doesn't already have a base64url encoder doesn't need to add one.
I'm kinda speaking for my co-author there; I'm fine with having just one
type and dealing with the trade-offs. We're open to what the WG might
want.
>
> """
> The media type is "application/dns-udpwireformat"
> """
>
> That's needlessly long; suggest "application/dns-uwf".
Is there a length-equivalent of bike-shed colors? :-)
> There's a laundry list of questions about what HTTP functionality the
> client needs to support. I'm hoping a draft will emerge shortly that
> will help with this.
Great.
> Why shouldn't DNS API servers be able to generate ETags based upon
> their internal state, to reduce outbound bandwidth?
Can you say more? The current text is:
"""
In the HTTP responses, the HTTP cache headers SHOULD be set to
expire
at the same time as the shortest DNS TTL in the response. Because
DNS provides only caching but not revalidation semantics, DNS over
HTTP responses should not carry revalidation response headers (such
as Last-Modified: or Etag:) or return 304 responses.
"""
--Paul Hoffman
- [dispatch] Initial version of draft-hoffman-dispa… Paul Hoffman
- Re: [dispatch] Initial version of draft-hoffman-d… Mark Nottingham
- Re: [dispatch] Initial version of draft-hoffman-d… Paul Hoffman
- Re: [dispatch] Initial version of draft-hoffman-d… Patrick McManus
- Re: [dispatch] Initial version of draft-hoffman-d… Martin Thomson
- Re: [dispatch] Initial version of draft-hoffman-d… Mark Nottingham
- Re: [dispatch] Initial version of draft-hoffman-d… Mark Nottingham