Re: [dns-privacy] Possible use case: Opportunistic encryption for recursive to authoritative

Puneet Sood <puneets@google.com> Sat, 08 August 2020 01:28 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/S_KrvUBQgx0-p8pNO3yXLSpWOos>

On Fri, Aug 7, 2020 at 9:22 PM Rob Sayre <sayrer@gmail.com> wrote:
>
> On Fri, Aug 7, 2020 at 6:18 PM Puneet Sood <puneets=40google.com@dmarc.ietf.org> wrote:
>>
>> I think this is worth doing.
>
>
> I agree. The part that I worry about is the computational cost of reestablishing links after an outage. Is there a way to model this? (Perhaps this work has already been done)

Outage of the authoritative or resolver? Can you explain your concern
in more detail?

For a resolver an outage is similar to a cold start - the cost of
connection setup will be amortized over all the queries done during
the lifetime of the sessions.

-Puneet

>
> thanks,
> Rob