Re: [dns-privacy] Fwd: Fwd: New Version Notification for draft-huitema-quic-dnsoquic-00.txt
Christian Huitema <huitema@huitema.net> Tue, 11 April 2017 17:52 UTC
Return-Path: <huitema@huitema.net>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABEF512EB6D for <dns-privacy@ietfa.amsl.com>; Tue, 11 Apr 2017 10:52:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.4
X-Spam-Level:
X-Spam-Status: No, score=-5.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MqJjPp-5CcoE for <dns-privacy@ietfa.amsl.com>; Tue, 11 Apr 2017 10:52:12 -0700 (PDT)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9D84312EB6E for <dns-privacy@ietf.org>; Tue, 11 Apr 2017 10:52:01 -0700 (PDT)
Received: from xsmtp12.mail2web.com ([168.144.250.177]) by mx43.antispamcloud.com with esmtps (TLSv1.2:AES128-SHA:128) (Exim 4.86) (envelope-from <huitema@huitema.net>) id 1cxzxK-00085d-Um for dns-privacy@ietf.org; Tue, 11 Apr 2017 19:51:59 +0200
Received: from internal.xmail04.myhosting.com ([10.5.2.14] helo=xmail04.myhosting.com) by xsmtp12.mail2web.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from <huitema@huitema.net>) id 1cxzxH-00005C-9P for dns-privacy@ietf.org; Tue, 11 Apr 2017 13:51:52 -0400
Received: (qmail 20926 invoked from network); 11 Apr 2017 17:51:50 -0000
Received: from unknown (HELO [192.168.1.100]) (Authenticated-user:_huitema@huitema.net@[172.56.42.160]) (envelope-sender <huitema@huitema.net>) by xmail04.myhosting.com (qmail-ldap-1.03) with ESMTPA for <dns-privacy@ietf.org>; 11 Apr 2017 17:51:49 -0000
To: Alexander Mayrhofer <alexander.mayrhofer@nic.at>, "quic@ietf.org" <quic@ietf.org>, "dns-privacy@ietf.org" <dns-privacy@ietf.org>
References: <0b31dc15-3e13-ac36-5c09-056ea8f1b2e8@huitema.net> <cbdb51e1-7f5a-9ddf-a30e-6ca9c2b9c67d@huitema.net> <19F54F2956911544A32543B8A9BDE07598F48DC7@NICS-EXCH2.sbg.nic.at>
From: Christian Huitema <huitema@huitema.net>
Message-ID: <39db2dc5-bc88-4d65-afff-bacc97402fb9@huitema.net>
Date: Tue, 11 Apr 2017 10:51:45 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <19F54F2956911544A32543B8A9BDE07598F48DC7@NICS-EXCH2.sbg.nic.at>
Content-Type: multipart/alternative; boundary="------------D776AC8F48E84B34AD3A6136"
X-Originating-IP: 168.144.250.177
X-SpamExperts-Domain: xsmtpout.mail2web.com
X-SpamExperts-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-SpamExperts-Outgoing-Class: unsure
X-SpamExperts-Outgoing-Evidence: Combined (0.32)
X-Recommended-Action: accept
X-Filter-ID: s0sct1PQhAABKnZB5plbIVbU93hg6Kq00BjAzYBqWlVTHAar8Je/lORhy3PZJU8LERWeKKG4PAQY Nyavp7c49L/N1imVzxQGuMdyq1ILpVFTugiLDom8V25hond3K4RsO76XSTAwtV4mg4i2ouCDa4AU hvIWAV5xUW/+gAh4vXpYUUAfN/uHlsKUvyareoJVRcOb18WfxGyg6Om6u4YYm6YbEHJjOwFnlwY7 4BqyDH85hjoyEb9Oq0NWpyO3vrfYNrJwCbVSZviV1vzVlxiUlT3dKxLhoxcmaInYbR5vlqGudzLe k2TYFBStSOMccbr5Uz0sPgnpAk2KA2vJwMd1uWhCmLzOxTAcQmFWVARhgNqBNFD3an3wiMp49rVr ybSBe34TY+s3lj/RgDQoaICKQ3TFgIfDMShmlQFqCr5hA8xAXSGwpLGc/Znuh3MoIpK0ZLDOn82b cl2hf/mZzuAjP7bRF0J+AL6gRRwFcty0/RGJ+cv73CChOPjKA0/DVd83mzKXD5o/Ia+BqyQ7Q0nt IZ2PVtMHd8bHCmdzlxzVIEgwyGTHIAoNFX+jcW7DGmdE6eBVl9/A6GtGi+mfMSANmgQ9/T0zHbtC pLbhgZ6Z/Qhqxiuap5uKiBpffUsHYsfmrbtbs8GJuRKR6hnrta1usy6F/SOWlhnS7qkS/mOkSgD5 8bDUIriOSOQTK7vaz2jBsjp0rjSY76LAIHA6cW4Oax12d5xFluaUpdcIw0lU4eCXo/JDSYH6njpM EWxyzAPnxdwDV/LdQk4Dnvnv/o4ZpIN8Tfe43vaXKX/yihCEqxIlRZaHuAWSnHeK3PdSA6Q+2n/k rhIYlNMbfS0wdTtG+6TTOn8sE7YQgPmIwOMrYG7J2iKbNGCUng3Y2EXketiO
X-Report-Abuse-To: spam@quarantine5.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/QhVnRmRrskt-8qU6-12kPtvbjEY>
Subject: Re: [dns-privacy] Fwd: Fwd: New Version Notification for draft-huitema-quic-dnsoquic-00.txt
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Apr 2017 17:52:15 -0000
On 4/10/2017 11:43 PM, Alexander Mayrhofer wrote: > > Hello Christian, > > > > great to see this – i remember when i mentioned QUIC as an option > during the DNS-over-HTTP Bar BoF in Seoul i got quite a few weird > looks :). I like this. It looks like a logical choice somewhere > „between“ TLS and DTLS. > > > > I have some background on Section 6.5 (Padding) – back when we > specified DNS over TLS, we had a similar discussion whether to pad on > the DNS or the transport (TLS, in that case) layer. We decided in that > case that padding on the DNS layer is preferred, since it allows for > greater control by the application. This was actually the reason RFC > 7830 was created in the first place. > > > > The situation might be different for QUIC as there’s a tighter > coupling between transport and application, though padding on the DNS > layer would allow re-using the ongoing research and specification work > in DPRIVE. (Disclaimer: I know little about the current state of such > research for QUIC). > > > The situation is different in QUIC, because a single QUIC packet may carry several DNS packets, using separate STREAM-DATA frames to carry the content of different streams. Of course, the DNS application does not know whether the QUIC transport will in fact pack data from several streams in a single packet, so what we need here is some kind of API contract. The efficient solution would be to instruct the transport to perform a particular padding strategy, similar to the padding strategies developed for DNS. This would cover many applications, not just DNS. Failing that, padding at the DNS layer has the advantage of being easy to implement. -- Christian Huitema
- [dns-privacy] Fwd: Fwd: New Version Notification … Christian Huitema
- Re: [dns-privacy] Fwd: Fwd: New Version Notificat… Stephen Farrell
- Re: [dns-privacy] Fwd: Fwd: New Version Notificat… Ray Bellis
- Re: [dns-privacy] Fwd: Fwd: New Version Notificat… Marco Davids (IETF IMAP)
- Re: [dns-privacy] Fwd: Fwd: New Version Notificat… Alexander Mayrhofer
- Re: [dns-privacy] Fwd: Fwd: New Version Notificat… Christian Huitema
- Re: [dns-privacy] Fwd: New Version Notification f… Mike Bishop
- Re: [dns-privacy] Fwd: New Version Notification f… Petr Špaček