Re: [dns-privacy] [Ext] Next steps : draft-ietf-dprive-unilateral-probing

Paul Hoffman <paul.hoffman@icann.org> Mon, 26 June 2023 15:45 UTC

From: Paul Hoffman <paul.hoffman@icann.org>
To: Brian Haberman <brian@innovationslab.net>
CC: "dns-privacy@ietf.org" <dns-privacy@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/UmdhB6vgMy1a6C88bgwZAVtQpsk>

On Jun 26, 2023, at 8:20 AM, Brian Haberman <brian@innovationslab.net> wrote:
> 
> Hi all,
>     Tim, Éric, and I have chatted about the next steps for the unilateral probing draft. Here is the proposed plan for moving the draft forward as Experimental:
> 
> 1. The authors verify that the implementations listed in Appendix A are up-to-date. The chairs will request that this list be retained in the published RFC.
> 
> 2. The authors capture the key metrics submitted to the mailing list for assessing the experiment in a new appendix. The chairs believe that the below metrics proposed by Scott Hollenbeck are a good starting point but other WG participants may have other proposed metrics:
> 
>     A. Measurement of CPU and memory use between Do53 and DoT or DoQ.
>     B. Measurement of query response rates between Do53 and DoT or DoQ.
>     C. Measurement of server authentication successes and failures.
>     D. Measurement and descriptions of observed attack traffic, if any.
> 
> 3. The chairs will solicit a volunteer (or volunteers) to collect information on any interoperability testing that has been carried out between implementations that support this specification.

That all seems fine with me (not sure about my co-authors, but I'll speak for them unless they yarp about it).

> Once the WG is comfortable with the experimentation section and the metrics, the chairs will submit the draft to the IESG for publication. We will propose to revisit the status of the document twelve (12) months after publication as an RFC.
> 
> Any concerns or suggestions on the above plan?

Please see the messages I sent to the list over the weekend. Florian has a major concern (responses from encrypting authoritative servers that are also acting as recursive resolvers), and I don't know how to deal with that in the draft because I don't see the differences from non-encrypting authoritative servers that are also acting as recursive resolvers. 

Beyond that, we have a stack of editorial comments already in the repo, and can put out a new draft with all the current text, then one final one with the results of the steps above.

--Paul Hoffman