Re: [dns-privacy] Working Group Last Call for draft-ietf-dprive-rfc7626-bis

Geoff Huston <gih@apnic.net> Wed, 21 August 2019 19:46 UTC

From: Geoff Huston <gih@apnic.net>
To: Vladimír Čunát <vladimir.cunat+ietf@nic.cz>
CC: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Date: Wed, 21 Aug 2019 19:46:13 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/TPebKwO2GJ5g6rVqCR3M5MdIFuU>
Subject: Re: [dns-privacy] Working Group Last Call for draft-ietf-dprive-rfc7626-bis


> On 19 Aug 2019, at 10:58 pm, Vladimír Čunát <vladimir.cunat+ietf@nic.cz> wrote:
> 
> Hello,
> 
> I now read through the whole document, and I see one thing that might be
> a little bit confusing - the beginning of page three reads like QNAME
> minimization is not possible or at least never done, and contrary to
> rfc7626 itself it isn't even mentioned in the whole document.  I would
> suggest to at least reduce the strength of the wording ("always"),
> and/or mention rfc7816.  I don't have much data at hand, but I believe
> that some reduction of QNAMEs isn't as exotic as it used to be.

A recent measurement of the use of Qname minimisation can be found at:

   http://www.potaroo.net/ispcol/2019-08/qmin.html

tl;dr: 3% of users were observed to use recursive resolvers that perform
qname minimisation in the Internet. Far higher levels of use of qname
minimisation are found in some national communities.

I have no idea if a use level of 3% of users is “exotic” or not.