Re: [dns-privacy] Murray Kucherawy's No Objection on draft-ietf-dprive-dnsoquic-10: (with COMMENT)
Sara Dickinson <sara@sinodun.com> Tue, 22 March 2022 09:41 UTC
Return-Path: <sara@sinodun.com>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C0AE3A10B2; Tue, 22 Mar 2022 02:41:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sinodun.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x58i7AcDyJuJ; Tue, 22 Mar 2022 02:41:12 -0700 (PDT)
Received: from haggis.mythic-beasts.com (haggis.mythic-beasts.com [46.235.224.141]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5745B3A0E84; Tue, 22 Mar 2022 02:40:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sinodun.com ; s=mythic-beasts-k1; h=To:Date:From:Subject; bh=vaua8hzp7bgXiL3fK5KSNQDrQfF1wVevoNGKGeGP7EM=; b=hxMoQNsoJRM0yGgOtr3NFSR2FM 6joejOf0fY3KmKU4mnc/M8fJM5qF74VPvftMja/KtteJS46JNdD94eCpr+ZYbuywSbRtjdCkzG1Zo 7zLFeSAcKsQP82GzHilSe/hlWnrxVNlrlWnzKG3sgzAdfn7NeLCRnQ2FgjX+N9jcAfM0j7k34tN+r 8gESCsqih3/svadzcn22BXIBtZ/6xSrbMaKPFhKuOKaxD35AvZdJ50MvUdHYnUwzIgefXkaChXuV3 8WSorM2a0OprhHsawsNhfbCUnJO61Js6hTHj7D7cEo0UAJ04or7qcJU8eWTxjPP4Z1BO21YPpShKt q0LL8pzQ==;
Received: from 82-68-3-134.dsl.in-addr.zen.co.uk ([82.68.3.134]:19004 helo=smtpclient.apple) by haggis.mythic-beasts.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from <sara@sinodun.com>) id 1nWb0Y-0005yF-Lq; Tue, 22 Mar 2022 09:40:54 +0000
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
From: Sara Dickinson <sara@sinodun.com>
In-Reply-To: <164688802361.27357.3045938985642915716@ietfa.amsl.com>
Date: Tue, 22 Mar 2022 09:40:52 +0000
Cc: The IESG <iesg@ietf.org>, draft-ietf-dprive-dnsoquic@ietf.org, dprive-chairs@ietf.org, dns-privacy@ietf.org, brian@innovationslab.net
Content-Transfer-Encoding: quoted-printable
Message-Id: <DFAABD83-F3D1-4B2A-AC90-7827B113D0F0@sinodun.com>
References: <164688802361.27357.3045938985642915716@ietfa.amsl.com>
To: Murray Kucherawy <superuser@gmail.com>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
X-BlackCat-Spam-Score: 4
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/g4B8ip8QZmU3GZS6dbNliVz4Ibk>
Subject: Re: [dns-privacy] Murray Kucherawy's No Objection on draft-ietf-dprive-dnsoquic-10: (with COMMENT)
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Mar 2022 09:41:23 -0000
> On 10 Mar 2022, at 04:53, Murray Kucherawy via Datatracker <noreply@ietf.org> wrote: > > Murray Kucherawy has entered the following ballot position for > draft-ietf-dprive-dnsoquic-10: No Objection > > When responding, please keep the subject line intact and reply to all > email addresses included in the To and CC lines. (Feel free to cut this > introductory paragraph, however.) > > > Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > for more information about how to handle DISCUSS and COMMENT positions. > > > The document, along with other ballot positions, can be found here: > https://datatracker.ietf.org/doc/draft-ietf-dprive-dnsoquic/ > > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Now THAT is a well done shepherd writeup. > > Thanks for this work, which was an interesting read. It's great to see this so > quickly on the heels of QUIC itself. Many thanks for the comments - please see the updates in version -11 which was just published, which we hope address your comments. > > Just a couple of BCP 14 things to point out. In Section 5.4, we have this: > > Clients SHOULD monitor the idle time incurred on their connection to > the server, defined by the time spent since the last packet from the > server has been received. When a client prepares to send a new DNS > query to the server, it will check whether the idle time is > sufficiently lower than the idle timer. If it is, the client will > send the DNS query over the existing connection. If not, the client > will establish a new connection and send the query over that > connection. > > There's a blanket SHOULD, followed by two "will"s. I read those as normative > requirements, even though they don't use BCP 14 language. But that means they > conflict with the SHOULD. IMHO, this needs to be resolved. Agreed - we’ve updated the following ‘wills' to SHOULDs. > > In Section 5.5: > > Clients SHOULD consider potential privacy issues associated with > session resumption before deciding to use this mechanism. [...] > > I find "SHOULD consider" to be far too vague for this to be meaningful. If > I've thought about it, have I met my burden here? There are several things to evaluate here - we’ve updated this text to: “Clients SHOULD consider potential privacy issues associated with session resumption before deciding to use this mechanism and specifically evaluate the trade-offs presented in the various sections of this document. The privacy issues are detailed…" Does that address your concern or can you suggest text? All nits fixed - thanks! Sara. > > Thank you for including Section 7. > > And now, some nits. > > Abstract: > > * "... similar properties to that provided by ..." -- s/that/those/ > > Section 1: > > * "DNS over QUIC is referred here as ..." -- s/referred/referenced/ or > s/referred/referred to/ > > Section 5.2: > > * The second-last paragraph is missing a closing parenthesis. > > >
- [dns-privacy] Murray Kucherawy's No Objection on … Murray Kucherawy via Datatracker
- Re: [dns-privacy] Murray Kucherawy's No Objection… Sara Dickinson
- Re: [dns-privacy] Murray Kucherawy's No Objection… Murray S. Kucherawy