IETF Logo Mail Archive

Re: [dns-privacy] AD review of draft-ietf-dprive-dnsoquic

"Eric Vyncke (evyncke)" <evyncke@cisco.com> Fri, 07 January 2022 07:38 UTC

Return-Path: <evyncke@cisco.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 849673A15F5 for <dns-privacy@ietfa.amsl.com>; Thu, 6 Jan 2022 23:38:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.596
X-Spam-Level:
X-Spam-Status: No, score=-9.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=X/rQ6WV6; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=RMLJqFh5
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KBTYRv0APwax for <dns-privacy@ietfa.amsl.com>; Thu, 6 Jan 2022 23:38:13 -0800 (PST)
Received: from rcdn-iport-6.cisco.com (rcdn-iport-6.cisco.com [173.37.86.77]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 107093A15F3 for <dns-privacy@ietf.org>; Thu, 6 Jan 2022 23:38:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10096; q=dns/txt; s=iport; t=1641541092; x=1642750692; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=pVJfslvxgKgkJtakKNRRt6R0LawtqhW5Bw2vSpb/500=; b=X/rQ6WV6E6hldLlu2AdyJI3sRU0Mt62ZdVa91SKA1xXw1vMLjiGGXUmJ JOP+CrplQZ4yd5rC5DxIlfLegGImT0uRfySaU6Gngm4cOiNTcAn4zbwMS fxrGa23xnYWWquHI501H9YFa8yDeHAOzPVmt17sKDym2Zsjtn6j/bBuuH Y=;
IronPort-PHdr: A9a23:tCyrUxdda2SfVkCxYrQnqwlylGM/tYqcDmcuAtIPh7FPd/Gl+JLvdAza6O52hVDEFYPc97pfiuXQvqyhPA5I4ZuIvH0YNpAZURgDhJYamgU6C5uDDkv2ZPfhcy09GpFEU1lot3G2OERYAoDwfVrX93az9jUVXB74MFkdGw==
IronPort-Data: A9a23:/Y2BW6PPp2gueRzvrR1ylcFynXyQoLVcMsEvi/4bfWQNrUpz1WdUz2obW2DXPP/YZmbxfd4ja4vn/U0F7J7TyoM3QXM5pCpnJ55oRWUpJjg4wn8dtEp+F+WbJK5cx5hYOomowPwcFCeG/E/0aue59BGQ6InRLlbCIL+cUsxObVcMpBcJ0XqPqsZh6mJaqYHR7zCl4bsel/bi1GqNgFaYBI67B5Wr83uDtNyq0N8RU8dXifpj5DcynFFNZH4TyD3YEpf2fmVUNrbSq+fr1rq1+CbS+A0gT47jmbfgeUpMSbnXVeSMoiMJAO753V4T/Wprj/hT2Pk0MS+7jx2EgcF3w9ZAnZexUgwueKbLnYzxVjEJQ3smYvEXoeKvzX+X9Jb7I1f9W3fq2LB2FkAoNIYJ0ud6HW8I8uYXQBgAcAGFjOG7le7jQeh3jcNlJ87uFI8as2trizDUEfhgRorMK43R7MVR9CwxgMdCAPCYbM0cAQeDxjyojwZnIFwbDtc1m/2lwyS5eDxDo1XTrq0yi1U/BTdZiNDFWOc5sPTTLSmNonulmw==
IronPort-HdrOrdr: A9a23:I/6LCK7PTsNuQOo+iQPXwZiCI+orL9Y04lQ7vn2ZFiY1TiXIra6TdaoguiMc0AxhJ03Jmbi7Sc69qeu1z+803WBjB8bdYOCAghrqEGgC1/qi/9SEIU3DH4FmpNxdmsRFebjN5B1B/LrHCWqDYpQdKbu8gdqVbI7lph8HJ2wHGsIQjTuRSDzrb3GeLzM2Y6bRYaDsnvav0ADQAEj/AP7LYkUtbqzmnZnmhZjmaRkJC1oM8w+Vlw6l77b8Dlyxwgoeeykn+8ZmzUH11yjCoomzufCyzRHRk0XJ6Y5NpdfnwtxfQOSRl8kuLCn2gArAXvUkZ1TChkFznAic0idyrDD+mWZ5Ay210QKLQoiBm2qq5+An6kd115at8y7EvZKpm72JeNtzMbswuWseSGqE16Ll1+sMjp6iGAmixsVq5Fr77VbAD5KjbWAYqmOk5XUliuIdlHpZTM8Xb6JQt5UW+AdPHI4HBz+S0vFqLABCNrCX2B9tSyLWU5kZhBgY/PW8GnAoWhuWSEkLvcKYlzBQgXBi1kMdgMgShG0J+p4xQ4RNo72sCNUnqJheCssNKa5tDuYIRsW6TmTLXBLXKWqXZVDqDrsONX7Bo4P+pL81+OapcpoVy4ZaouWPbHpI8WopP07+A8yH25NGthjLXWWmRDzojtpT4pBo04eMD4YD8RfzAGzGv/HQ18n3M/erEspbYqgmdsMLBVGebrp04w==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0B/AADg7Ndh/5xdJa1aHQEBAQEJARIBBQUBQIFFCAELAYFRVQd4WhMkMYRHg0cDhFlghQ6DAgObH4EuFIERA1QLAQEBDQEBKg0KBAEBhQYCF4MoAiU0CQ4BAgQBAQESAQEFAQEBAgEGBIEJE4VoDYZCAQEBAQIBAQEQEREMAQEsCwEPAgEIGAICJgICAiULFRACBAENBSKCXAGCZQMOIQEOQqJEAYE6AoofeoExgQGCCAEBBgQEgTYBgRuCORiCNgMGgRAqAYMNhB6HBiccgUlEgRUnHIFmgQE+gmMBAQKBJCABARgXgwE3gi6POS0+BgEBYgEDFBsUEAkZDSwgRwsNBAcGEgURAxwWBikDilmGdoN1lyKSVQqDQop1lFMFLoNwjAmGWJEYlVtcIIIkijyUMIR4AgQCBAUCDgEBBoFhO4FZcBU7KgGCCgEBMlEZD44gDBaDUIUUhUp0AjYCBgEKAQEDCY8eAQE
X-IronPort-AV: E=Sophos;i="5.88,269,1635206400"; d="scan'208";a="982074915"
Received: from rcdn-core-5.cisco.com ([173.37.93.156]) by rcdn-iport-6.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 07 Jan 2022 07:38:09 +0000
Received: from mail.cisco.com (xbe-rcd-003.cisco.com [173.37.102.18]) by rcdn-core-5.cisco.com (8.15.2/8.15.2) with ESMTPS id 2077c90r030379 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Fri, 7 Jan 2022 07:38:09 GMT
Received: from xfe-rcd-005.cisco.com (173.37.227.253) by xbe-rcd-003.cisco.com (173.37.102.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Fri, 7 Jan 2022 01:38:09 -0600
Received: from xfe-rtp-002.cisco.com (64.101.210.232) by xfe-rcd-005.cisco.com (173.37.227.253) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Fri, 7 Jan 2022 01:38:08 -0600
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (64.101.32.56) by xfe-rtp-002.cisco.com (64.101.210.232) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14 via Frontend Transport; Fri, 7 Jan 2022 02:38:08 -0500
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LJ+DucG11t2qZE5uhEjnn8b7/WYlhF+TDElpoqujctsyk6aXe3y1EIIsi+HtR1QdrAX9u9830CbeJE1tL2tiM2T1omWnTIb3Ji+mXQKPLcmv4NapjualQGbjGYm3hh/dP15lgKw4Hva595TiPG3KlCRh8i1w67EuFg+/eIlS0tjLaDxmu5xeZTAX80CFjG111SSmxiQJzbLeE1Qu/Re495tQRlLWCMDP4XQsDwUnMJBljASWGWITAa4pEB2fIIxB8lYKLqwyQUxCbvNJKAb7Dk5Wx9xKQTW/Dd8xrU+oCRGm8cAsehzseGGo89vepEQbCmjWX8dKV2QKnzvcfA8EFQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pVJfslvxgKgkJtakKNRRt6R0LawtqhW5Bw2vSpb/500=; b=VYQnap6dXTCp8nDNDudTKV7NW0CErrXn+5AEo/Kn5l4OnExrMCPdAL7k0l1nxk3+vru31oNP2IIguNESIaZCnC+B2ziDLH7XL4jHBf+XIvR9eh8RhFIxM85Drvq5hEwXuuY14PkBndGSTMmjkLTbfbFjQfIH68ojurfnLEPIPgj3JqBXBd5yntpo8lDey2f4x0sRm8qSiMBrHjO6fJBgNFlz2srbA49aom74lgzlhBn5uIMILOKgWzqzogLUvz4isJUEm+1MzD/VxTwoScFTWfyO3Jxr1Wfv3f73laSNUj0OiN6N2AcoLuPHJS4gbhw1Eij5LdQojj+cSMGskwNEGg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pVJfslvxgKgkJtakKNRRt6R0LawtqhW5Bw2vSpb/500=; b=RMLJqFh5uGebffJA9un0ov1VCuk/iu4U8zwM+sEEWv6lGQAkV3TRqPm7h7VzkIau7dgqRB8F3HgrdOJ+EjzCwN9+zDouNQVj+Ku/ipYw1jtUkmZRo9r+pe7r8XlboriyQd0SJ9AVzzXpTzCiXbfpAGtzBHkouDF3RWy0C5g9eKM=
Received: from PH0PR11MB4966.namprd11.prod.outlook.com (2603:10b6:510:42::21) by PH0PR11MB4968.namprd11.prod.outlook.com (2603:10b6:510:39::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4867.9; Fri, 7 Jan 2022 07:38:07 +0000
Received: from PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::143c:310d:4a0:ce8c]) by PH0PR11MB4966.namprd11.prod.outlook.com ([fe80::143c:310d:4a0:ce8c%3]) with mapi id 15.20.4867.011; Fri, 7 Jan 2022 07:38:07 +0000
From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
To: Sara Dickinson <sara@sinodun.com>, "Eric Vyncke (evyncke)" <evyncke=40cisco.com@dmarc.ietf.org>
CC: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Thread-Topic: [dns-privacy] AD review of draft-ietf-dprive-dnsoquic
Thread-Index: AQHX7QJhDHN/GGpcbU2KFxb/RrwFqqwrWNOAgCrQB4CAAUDpAA==
Date: Fri, 07 Jan 2022 07:38:07 +0000
Message-ID: <5AE859D2-64BA-43E0-99DB-B137D03D3FFF@cisco.com>
References: <1B3BFBC8-89BC-4A30-88FE-4980E8BD3461@cisco.com> <8166E748-37F0-45EB-9353-6C1417B43FF5@cisco.com> <86C3E1C6-3374-4D99-B0E8-AB6FC74A1889@sinodun.com>
In-Reply-To: <86C3E1C6-3374-4D99-B0E8-AB6FC74A1889@sinodun.com>
Accept-Language: fr-BE, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.56.21121100
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 389c37fa-599d-400d-9cec-08d9d1b0a5bd
x-ms-traffictypediagnostic: PH0PR11MB4968:EE_
x-microsoft-antispam-prvs: <PH0PR11MB4968DFCF19EDF759CDEADCD7A94D9@PH0PR11MB4968.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: JWba6n4Dd3NipAxr+PUdamQTddBtkvgKG3/p+d1ggbb+loQyhmew/EtaQ8dd0ug0VAoba8JEkfFjbXLQtg3AMFHaj8fQICpc/D3vfIPonl0WLG5L+SmpFXfEMzEmFl1Hh3rK0Cza9DOk6Ar37SOXb+65OXMPjx/R05ZHEMR/63t7tAjoLSXNVbhlqYJhdjhavk11TZzI3mb3hVRGJb227qEAy3e2eoj46THKDEzXk41Tj+ynnqmdOiZD0rqe07FC84m/Db4v2js+s+NYNinW1NDTLdeSt9zFP7588n6pCgLdsiBjunBgtr6xOSJS6i/WzQa76AFqz3p/NLb6bzCX6ahHioGZIfG2eJgzJW/usZDCXvo1DbPLFVVQnyGVqRS42x0xPBjNPJ4geauwPZXfy1lxNRtvJiug12Wnx/YBf5oIMAcPcbmDjaq2HYkpEIKFpT0Hemq1O4Mm3ka3H4YYZXFJrKWiF6QcAZaTQOFh6vvyXurVeu5qCC1TUxp1Bt2kGFa9/7NCS+UTKd86nhfhsPHu9si2pp/6/PAX/ua5L/JTeaCA87ibruprs83dYCCz2/b/tGu/PGISNQslZK1gvoPKx0bJAqbEEi0u2oCM2rGsu6Clv9n4hCl6COvkQcoge1ZFRYJQYh9nWVrGJtNs10u3MM8Jqw15RfRERcrilXJIdCb0HGBjoEmlpoCNL68zGB1LRKMIM565dQmwHGz+/ee1j7LVkbcq5F9RFcvsoy4860Kpd6+qNbkKpENAYmKfL7eU3lQpvY0EH1HMjLaBlyCUFOWrvfOQeSwYKdL/bqcSiaQ77p0jV+QqgWhsgvkoVQl+EG61TdmCyMmfURJ39/anwxNvEwuAWR9u2VhbS/Q=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB4966.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(8936002)(186003)(8676002)(6512007)(33656002)(4326008)(38070700005)(38100700002)(110136005)(36756003)(122000001)(66476007)(86362001)(66556008)(6506007)(91956017)(45080400002)(66446008)(71200400001)(6486002)(64756008)(2906002)(83380400001)(5660300002)(316002)(2616005)(76116006)(508600001)(966005)(53546011)(66946007)(45980500001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: IRbmCfA67bpEkPIqXrTPR9SKafEOFESbcwj2EnEK/FCqBpZwmhIZ1PPjMkzq49Co42uij+TP2OCYb998kABYlpN8+N1nv+rw112a7mTqK0yruPyPRYgiIbkdvUvB9/EfM7zYEa+xDw/5DHpLbiPY6OTPTTD2kpITfriwNG5YWT9OFAIF/MH4/Km6Lx85Sh6ke4tH/jTQLK87jnL2QN3KS9THUoGpovDinL1nLIJp5Mc93BPXEWXbaVjQERPPeIWu07V5Kl2BGb1oXdUIShC/8dEzr2IUMIxkJOqyY7DDByZlw8wxP2Vym2tUj+BWupGsFfAQfCabg4s8pO0mftgvNMWYa6LFJyDf0RGn4MxomB7/0cv0o8LgFuts4eBGXkTpvKiR+z9TAj+jHMqQRTxyHRXDNx30ZXN7WjZXMWIRYrenqc4H6RiTEfCFF0r9tED8tXSXeGRrbZUZPa9+5Qo4+J11kMkjMtwo5pO2yPyICs+CYKf2JoloR/eV0jpHJUMQApawRvwa/cg8gDLJIoVWxJ/BCpTgh2LTD7Kn2sOBYgVE9rQO9LQSJwXZmAXzrAE93IZcnwGfFuIHk0+sxkv7A1cf5t94kajXl9BfWlOs0onHXNBQIOjHYldSAQBnKoXyg+3AIXibVf9Kkt7ehaBwqnjtavaHLsdozE4E4xDtPfsoTCp6Gb1xW9bAJnNzO+6CYX7QBHFxxK+TxOWfiIy5N7M5nahrz4eoG7eeHU3cOGOIJrGHd2PUj5UJNJQWHubiQHcPW+A4BjZ9Ezd5vttdHH0GQkdhn0gYVyCP9bH6C0EPZx5M9EpH2QIetKGfOvi4MlDh7NAQxbzQhqgydT2vdGq2aNWmwO/7W0anUW9napci8GUVQBEUso4vSNT8HQYvDSVvyNOhx+h7eGeQn0haCKi8pFbl5ZeDDdyQIHix4ivXuiWz9DXiCyDSs+6owmk2/JKQSTHQbgxkF3+NWKf9P5V+1gXZCk308YewOepyqXDD8vXFkAVDpnIhvwGZuxCnDqSKWDKYHh/0UIlwHW+A09MrUgTlQHVyJjQkUtyJSeTln900kuO4OhjLGPJJdyfMUp69GdJVY863rFGaR1TlPdqgYS0dIO6M1pqhySG0maieqhCSbMQ9lfpA0/ZQfOIdLrOyjNw2jwadBjEgwL9q024v2xcMdHk5cVGOktBOwb7GGdBU9/QrfgxmOtMVS67PkK3jbSMsZpIASgDBUqug5+wUcia+jS/M9Tg9slM93xEq4WugpUelQNSEiGBnNH733029Y9yjuaBoh3VNjq8kBHc8mfam2DtN/STDMUrAdZlTP9iVA5ayXbdax659UM023GFE5/Djy6513qQ3pzieq5Ay2Gra/A1vBJpIzSpkkltf9cQO4318PNwU4Bd1iDJ3Rql4IKwKrDWhJbc8uol1AMorlezi6j17GLa9x3+PRW+9i1K5huJAiYFGho1F+xQset/8JeCRovodqM+nuMjzw7y7Ie+hVoViRk3V1JB1PiEMyuqysB3ZC3NPf/MuysozIBavl8lVDqkD2RaV6eUkTKqJKu79FIIU43kahfRmOtol8fpTyD46hgTLqVU0BV1ZOl8mUY4/pn6qaz/k8+cnE1uD6Qseoj+/tEYDF2EyL22tZcKlaEn9GRHKq7HBFQA7ixIds7RikzDCLzujDei+yVcuUKEN1Hx+p5Lsdu1HA2E=
Content-Type: text/plain; charset="utf-8"
Content-ID: <20D1691C3F599B4C89F75780393436C9@namprd11.prod.outlook.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4966.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 389c37fa-599d-400d-9cec-08d9d1b0a5bd
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jan 2022 07:38:07.3502 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: lD1kLRtg0Cs+lTjsItvWTQ3LIVr2C5EZ+FAIpYLBdo+a6k+ucXZF/QfJbgvbC3g83iY3bCw4O4NwZNQvfNgsyw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB4968
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.18, xbe-rcd-003.cisco.com
X-Outbound-Node: rcdn-core-5.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/PffizNSWfmvJBMw54KmnytMiRiA>
Subject: Re: [dns-privacy] AD review of draft-ietf-dprive-dnsoquic
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jan 2022 07:38:18 -0000

Hi Sara

Thank you for your reply and the PRs.

Some more comments below, look for EV> 

Regards

-éric


On 06/01/2022, 14:30, "dns-privacy on behalf of Sara Dickinson" <dns-privacy-bounces@ietf.org on behalf of sara@sinodun.com> wrote:

    Hi Eric, 

    Many thanks for the review. I’ve created PR https://github.com/huitema/dnsoquic/pull/134 with proposed updates from your comments.

    > On 10 Dec 2021, at 06:42, Eric Vyncke (evyncke) <evyncke=40cisco.com@dmarc.ietf.org> wrote:
    > 
    > Dear authors,
    > 
    > In the revised I-D, please also consider Martin Duke (the transport AD)'s WGLC comments, see the thread at
    > https://mailarchive.ietf.org/arch/msg/dns-privacy/F35q1jpUEPPqaq5gYVM8aYFoQUQ/
    > 
    > Especially around section 10.2 and the demux of DTLS & QUIC if both protocols run on the same port. Martin has suggested some text for this part, let's use it and remove any potential friction in the publication process.

    PR for this approved and merged (thanks Martin!)

    > 
    > Regards
    > 
    > -éric
    > 
    > 
    > 
    > On 09/12/2021, 14:40, "Eric Vyncke (evyncke)" <evyncke@cisco.com> wrote:
    > 
    >   As usual, when a document is submitted for publication, as the responsible AD, I do my own review of the draft before going to the IETF Last Call.
    > 
    >   First, thank you Brian for a detailed doc shepherd write-up. Your points about the 'down-ref' are valid and for now I would leave them like they are.

    Yes - thank you Brian. 

    FYI: 
    - PR https://github.com/huitema/dnsoquic/pull/135 includes a change to make RFC8094 informative and 
    - PR https://github.com/huitema/dnsoquic/pull/132 provides updated text based on Alex’s review also making RFC8467 informative.

    > 
    >   Thanks, as well to the WG and the authors Christian, Sara, and Alisson for their work. The document is well written and easy to read: congratulations !
    > 
    >   Please find below my review comments:
    > 
    >   Abstract: should it state where DoQ could be used (i.e., between which DNS functions notably by citing XFR) ?

    Yes - good point. I’ve added text.

    > 
    >   Section 1: s/ this document is intended to specify/ this document specifies/ ?
    > 
    >   Section 2: please use the real template from BCP14 (section 2 of RFC 8174)

    Ack to both. 

    > 
    >   Section 5: should there be a sentence "this section is normative" to be consistent with a similar sentence in section 4 ?

    Would it be better to clarify the text in section 4?

    “Whilst all other sections in this document are normative, this section is informative in nature."

EV> good suggestion, this is better with your text above

    > 
    >   Section 5.1.2: isn't the 3rd § obvious ? Hence could it be removed ?

    Yes - I suppose it is an implementation detail, removed.

    > Unsure whether there is value in the last §, especially as it appears to contradict the previous ones.

    This was added in response to having read *multiple* papers/presentations on DoT vs DoH where a statement like ‘DoT must run on port 853 whereas DoH runs on port 443’ is made regarding deployment obstacles for DoT. For a wider audience it does seem useful to point out that 443 is a possibility for DoQ deployments.

EV> fair enough

    > 
    >   Section 5.3: should DOQ_REQUEST_CANCELLED also be available when the server wants to close a transaction (e.g., when there are multiple responses/XFR) ?

    Well, section 5.3.2 really deals with the server side having issues and using a stream reset + DOQ_INTERNAL_ERROR to signal this. I’m not sure when a server would choose to send DOQ_REQUEST_CANCELLED as the error here as opposed to DOQ_INTERNAL_ERROR since the only reason to not send all the responses would be an error of some kind (even for XFR)… or is there another use case I’m missing?

EV> you are not missing anything, my bad on my comment :-O

    > 
    >   Section 6.3: contains two SHOULD, the general expectation is that the document describes when it is acceptable not to follow the SHOULD. Or perhaps should RECOMMENDED be used ?

    The kind of reasons I always assume are behind these kind of SHOULDs are: is an API for this exposed, does it increase code complexity too much or does it add too much performance overhead, etc. I’m not sure we have a specific case for section 6.3 but Christian may be able to point to one.

EV> you and Christian will have the final say on this comment.

    > 
    >   Section 6.4: same comment as above and also in other places.

    6.4 is proposed to change to a MUST for the use of padding in PR https://github.com/huitema/dnsoquic/pull/132. The main reason I can see for not using a QUIC padding API if it existed would be code complexity e.g. the implementation may choose to re-use padding logic already implemented in the DNS layer for DoT/DoH. I can add text about this if you think it is useful?

EV> adding some text about this would be helpful IMHO but not mandatory

    > 
    >   Section 6.7: should this document formally update RFC 1995, 5936, 7766 ? I think so as it is similar to RFC 9103, which updates those 3 RFCs.

    Good question but I don’t think so - all of those documents are specific to DNS over TCP. This document doesn’t define any new behaviour for XFR that changes how XFR over TCP behaves (which RFC9103 did) nor does it update anything in RFC7766.

EV> OK, let's wait and see whether IETF Last Call / IESG evaluation bring this topic back

    > 
    >   Section 7.1: s/ To our knowledge/To the authors' knowledge/ ?

    Agreed.

    >   Also in " it performs well compared" does it mean "better" or "similar" ?

    Adguard haven’t published exact data yet but did say in a presentation  “it seems that…. it does provide advantage over DoH in cellular data networks, as expected” and their user feedback "ranges from very positive to neutral”.  I’m reluctant to declare it ‘better’ without more raw data….

EV> in this case "better" would be wrong indeed but doesn't "well" imply 'good' ? I.e., "similar" could be better ? On this one, you are the native English speaker so I let you decide ;-)

    > 
    >   Section 9.3: " due to the prevalence of NAT" is not the only cause as IPv6 nodes often change their IPv6 addresses. Please extend the text here as the DoQ may not have an API to check whether the IPv6 address has changed.

    Text added. 

    > 
    >   Finally, while I am not a native English speaker (but I relied on the Microsoft Word spell-checker on the attached document), I think that there are some nits in the text:
    >   - Missing a lot of '-' in some constructions: "general purpose transport", "server initiated transactions", "long term state ", ...
    >   - "however" should be followed by a comma
    >   - No "n" in "an" in " an unidirectional QUIC stream"
    >   - "acknowledgeemnts"
    >   - "Provisonal"

    All fixed, I hope (but please check as I had to use a different checker tool).

    Best regards

    Sara.


    _______________________________________________
    dns-privacy mailing list
    dns-privacy@ietf.org
    https://www.ietf.org/mailman/listinfo/dns-privacy

v2.23.0 | Report a Bug | By Email