Re: [dns-privacy] [DNSOP] Next steps: draft-ietf-core-dns-over-coap

Christian Amsüss <christian@amsuess.com> Wed, 05 July 2023 16:18 UTC

Date: Wed, 05 Jul 2023 18:17:46 +0200
From: Christian Amsüss <christian@amsuess.com>
To: Ben Schwartz <bemasc@meta.com>
Cc: Martine Sophie Lenders <m.lenders@fu-berlin.de>, "core@ietf.org" <core@ietf.org>, "draft-ietf-core-dns-over-coap@ietf.org" <draft-ietf-core-dns-over-coap@ietf.org>, dnsop <dnsop@ietf.org>, DNS Privacy Working Group <dns-privacy@ietf.org>
Message-ID: <ZKWXqqaQ5KubrM2Q@hephaistos.amsuess.com>
References: <2490fd32-437d-8182-ec2e-9e5058d9bf5a@fu-berlin.de> <BN8PR15MB3281BDC22008FF7D94076A1CB323A@BN8PR15MB3281.namprd15.prod.outlook.com> <53c93af2-8b37-ad11-f12d-428f47a515ac@fu-berlin.de> <BN8PR15MB32819C4B4258AF2B14F29BB3B325A@BN8PR15MB3281.namprd15.prod.outlook.com>
In-Reply-To: <BN8PR15MB32819C4B4258AF2B14F29BB3B325A@BN8PR15MB3281.namprd15.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/e6GcdTpmYMPcA5FqGtQvijrdK9g>

Hello Ben,

picking one of the points in the thread and leaving the rest to another
subthread:

> > We have a paper on the performance benefits just accepted for CoNEXT,
> > which we will cite once it is published. An early pre-print (the final
> > paper underwent some major revisions though) is available on arXiv [5].
> 
> This paper appears to be focused on DNS performance, but DNS is
> usually only a small component of overall system performance.

In this context, I think a relevant performance metric is firmware size
(or, equivalently, network load from firmware updates) -- a metric that
is covered in the latest preprint[1] of the same work. While a CoAP plus
OSCORE stack is marginally larger in firmware than a DNS plus DTLS stack
(and admittedly that's not even accounting for EDHOC that'd also be
needed if the DNS server is authenticated with public key cryptography),
that is text the application already pulls in, whereas the DTLS
component of DNS over DTLS alone already weighs another 20KiB of
firmware size. That represents a significant portion of the flash memory
available on the relevant microcontrollers.

Software complexity (both in terms of LoC and in terms of items on an
SBOM) is a factor that improves in parallel to the binary size savings.

BR
Christian

[1]: https://arxiv.org/abs/2207.07486v2

-- 
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom
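As an added example (not code from the thread, the draft, or the cited paper), the kind of per-component flash accounting that produces a figure like "DTLS alone weighs another 20KiB": it parses a GNU `nm -S --size-sort` listing of a firmware ELF, sums code and read-only data per component by symbol-name prefix, and reports the marginal cost of each DNS transport given the components the application already links. The `nm` listing, the symbol names and the prefix-to-component table are constructed for illustration and are not measurements of any real stack.

```python
"""Attribute firmware flash footprint to protocol components from `nm` output.

Added example, not from the mailing-list thread or the DoC draft. Assumes a
GNU `nm -S --size-sort` listing (address, size, type, symbol) of a firmware
ELF. Symbol names and component prefixes below are constructed assumptions.
"""
import re
from collections import defaultdict

# Symbol types that occupy flash: code (T/t) and read-only data (R/r).
# Initialised data (D/d) also has a flash image, but we restrict the
# accounting to code and rodata, which is where protocol stacks mostly live.
FLASH_TYPES = {"T", "t", "R", "r"}

# Component classification by symbol-name prefix (constructed assumption;
# a real firmware would use its own library naming or section/object names).
COMPONENTS = {
    "dtls": re.compile(r"^(dtls_|tinydtls_|mbedtls_ssl_|mbedtls_x509)"),
    "oscore": re.compile(r"^(oscore_|cose_)"),
    "coap": re.compile(r"^(coap_|gcoap_|nanocoap_)"),
    "dns": re.compile(r"^(dns_|sock_dns_)"),
}

# "<addr> <size> <type> <name>"; undefined symbols ("U name") have no size
# and are skipped, as are blank lines.
NM_LINE = re.compile(r"^([0-9a-fA-F]+)\s+([0-9a-fA-F]+)\s+([A-Za-z?])\s+(\S+)$")


def classify(symbol):
    """Map a symbol name to a component, or 'other' if no prefix matches."""
    for name, pattern in COMPONENTS.items():
        if pattern.match(symbol):
            return name
    return "other"


def flash_by_component(nm_output):
    """Return {component: bytes of code+rodata} from `nm -S` text."""
    totals = defaultdict(int)
    for line in nm_output.splitlines():
        m = NM_LINE.match(line.strip())
        if not m:
            continue
        _addr, size_hex, sym_type, symbol = m.groups()
        if sym_type not in FLASH_TYPES:
            continue  # RAM-only symbols (B/b) do not cost flash
        totals[classify(symbol)] += int(size_hex, 16)
    return dict(totals)


def stack_cost(totals, components):
    """Total flash for one transport variant (sum over its components)."""
    return sum(totals.get(c, 0) for c in components)


def marginal_cost(totals, components, already_present):
    """Flash added by a variant on top of what the application links anyway."""
    return stack_cost(totals, [c for c in components if c not in already_present])


# Constructed sample listing (not real measurements).
SAMPLE_NM = """\
00008000 00000120 T coap_build_hdr
00008120 00000340 T coap_opt_add_uint
00008460 00000f00 T oscore_unprotect
00009360 00000c80 T oscore_protect
0000a000 00000080 R cose_alg_table
0000a080 00003200 T dtls_handle_message
0000d280 00002400 T mbedtls_ssl_handshake
0000f680 00000200 T dns_msg_parse_reply
0000f880 00000180 T dns_msg_compose_query
0000fa00 00000400 T main
20000000 00000100 B dtls_peer_table
         U memcpy
"""

if __name__ == "__main__":
    totals = flash_by_component(SAMPLE_NM)
    for comp, size in sorted(totals.items()):
        print(f"{comp:8s} {size:6d} B")
    # A CoAP/OSCORE application already links coap and oscore, so only the
    # DNS message code is marginal for DoC; DoDTLS adds the whole DTLS stack.
    present = {"coap", "oscore"}
    print("DNS over DTLS, marginal:",
          marginal_cost(totals, ["dns", "dtls"], present))
    print("DNS over CoAP+OSCORE, marginal:",
          marginal_cost(totals, ["dns", "coap", "oscore"], present))
```

Run it against a real ELF with `arm-none-eabi-nm -S --size-sort firmware.elf` piped into `flash_by_component`; the prefix table is the part to adapt, since the same library can appear under different symbol names across SDKs.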