[dns-privacy] IETF 118 hackathon: Does Not Scale: Rethinking DNS

Petr Špaček <pspacek@isc.org> Fri, 15 September 2023 16:14 UTC

To: dnsop@ietf.org, "dns-operations@dns-oarc.net" <dns-operations@dns-oarc.net>, dns-privacy <dns-privacy@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/NnvYmd-cLI62CGaeIS9jX2ATQXo>

Hello all!

I would like to invite you to a "round table" planned during IETF 118 
hackathon [1] - Saturday and Sunday before IETF 118.

We plan to have an open and friendly brainstorming session with people 
who work on the DNS protocol, write implementations, and operate networks.

The purpose is to brainstorm and think about DNS without being bound by 
current protocol constraints. Where are we hitting limits? What can we 
do about them? Do you want to put your protocol pet peeve out of its misery?

If you want to join, please list yourself here:
https://doodle.com/meeting/participate/id/azXrrv7d.
This will allow us to secure a large enough workspace.


Participants are expected to come with their homework done. Bring a list 
of limitations you can see in the current protocol with you, and don't 
hesitate to think big. Hate the duplicate TTLs in DNS messages? Please 
write it down. Want secure & flexible transport protocol specification? 
Never liked the compression method? Put it on the list.


As a teaser, here are a couple of real-world motivating questions just 
to get us started.

How do we make DNS:
... scalable so it can transfer millions of zones? And how do we monitor 
it? [2]
... handle humongous post-quantum crypto keys and signatures, in both 
protocol and transport? [3]
... support distributed multi-master setups?
... extensible to new wire format & at the same time, maintain a single 
namespace?
... simpler to operate? What if we rethink basic assumptions? [4] (see 
the talk starting at 33:40)

[1] https://wiki.ietf.org/en/meeting/118/hackathon
[2] https://indico.dns-oarc.net/event/47/contributions/1017/
[3] https://indico.dns-oarc.net/event/46/contributions/985/
[4] https://icann.zoom.us/rec/share/PUZu_QsO_rdY0gavMatzFOSVpZY1oNahNYnPBuy6pgTUJARw-YIOEzWEV11aqaHW.4Cwr3dGRlunUwhD9?startTime=1693897245000


It's unlikely we will produce running code, but hopefully we'll generate 
some good ideas and possibly proto-I-Ds.

-- 
Petr Špaček
Internet Systems Consortium