Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

"Guangqing Deng" <dengguangqing@cnnic.cn> Tue, 26 May 2015 01:55 UTC

Date: Tue, 26 May 2015 09:54:07 +0800
From: Guangqing Deng <dengguangqing@cnnic.cn>
To: dns-privacy <dns-privacy@ietf.org>
References: <555C942F.2090007@gmail.com>, <CA+nkc8DK8320KAq8xWRbm4B8BLqPSErzyHxYZ6EPk1Uz4Mc6Og@mail.gmail.com>, <8F5C00A9-C218-4470-89C5-3A84DCBF1FA3@cisco.com>
Message-ID: <2015052609540607241511@cnnic.cn>
Archived-At: <http://mailarchive.ietf.org/arch/msg/dns-privacy/vr0CkgJOSYWGg3n91C_xOh-MAeA>
Cc: Tim Wicinski <tjw.ietf@gmail.com>, Dan Wing <dwing@cisco.com>
Subject: Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

Resolution latency is very crucial for the DNS system, and the latency of DNS-over-DTLS is relatively low compared with DNS-over-TLS. I support adoption, and BTW, is there any public software library of DTLS for doing DNS-over-DTLS evaluation?
 


Guangqing Deng
CNNIC 
 
From: Dan Wing
Date: 2015-05-23 00:13
To: Bob Harold
CC: Tim Wicinski; dns-privacy@ietf.org
Subject: Re: [dns-privacy] Call For Adoption: draft-wing-dprive-dnsodtls

On 20-May-2015 07:40 am, Bob Harold <rharolde@umich.edu> wrote: 


On Wed, May 20, 2015 at 10:03 AM, Tim Wicinski <tjw.ietf@gmail.com> wrote:
During the previous Call for Adoption a number of participants expressed interest in adopting this work.  WG members felt it needed some improvements, but thought it had potential. The authors addressed the issues and feel it meets what the working group was seeking, and have requested that we initiate a call for adoption.

If the working group adopts this document, it only means it wishes to study this solution more carefully.  The working group may still determine to not move forward with it.

The draft is available here: https://datatracker.ietf.org/doc/draft-wing-dprive-dnsodtls/
Please review this draft to see if you think it is suitable for adoption by , and comments to the list, clearly stating your view.

Please also indicate if you are willing to contribute text, review, etc.

 
I support adoption, and I will review.

I am unclear on Page 5
6.  Demultiplexing, Polling, Port Usage, and Discovery

"After performing the above steps, the host should determine if the
   DNS server supports DNSoD by sending a DTLS ClientHello message."

It is unclear to me what the "above steps" actually refers to.  Can you clarify?

Section 6 suggests how a DNSoDTLS client can determine that its connected network will work with DNSoDTLS.  The exact method and algorithm will require more discussion in the WG, especially to balance the needs for security and interoperability against implementation flexibility.

-d