Re: [dns-privacy] [Technical Errata Reported] RFC9539 (7832)
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sat, 02 March 2024 03:36 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: dns-privacy@ietfa.amsl.com
Delivered-To: dns-privacy@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F398CC14F6B4 for <dns-privacy@ietfa.amsl.com>; Fri, 1 Mar 2024 19:36:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.105
X-Spam-Level:
X-Spam-Status: No, score=-2.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b="zlkMBG8S"; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b="ecg/lBWQ"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1aaRl7plXtPM for <dns-privacy@ietfa.amsl.com>; Fri, 1 Mar 2024 19:36:42 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6209DC14F6BD for <dns-privacy@ietf.org>; Fri, 1 Mar 2024 19:36:42 -0800 (PST)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1709350600; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=0J5nsr5htzF+jnxOD6miSLrHzlxtwgkjCiU9xdUAk+E=; b=zlkMBG8S6E6KCpBRmjL+dBo/FgX36QSzm0oyWaeyXFQAAZf3UZl+7sFXjzo3qSTRD/tUL jzO9iseWS7j+Gw6BA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1709350600; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=0J5nsr5htzF+jnxOD6miSLrHzlxtwgkjCiU9xdUAk+E=; b=ecg/lBWQue6woka2SOcd9c5IU9wbnWs9VHINOxYWT+6oRKlFVE3Ch7834tYWlo3V0hFu2 R981fFN2qAEu0DpidJZaV2bkWrFQTurJ4pSjmByLMVVAyQEXJ/tUiHdfNgwfVFCtdInBjy7 7wCdykPR0uCdce5OMGvSxCud4LMiWTT3222RRvnOnMUrUZzjZ/YJaqBAu9fcL8HXNbHdf6U PASfS45Jmpq4RYjHkFLSIkqfZMqJcGO2wsUKl57RkDRmPB8S+kNvTzQYC0xuBGS1PSQZrHC Tkpz0uojJg06kdboo0gd0kcRTRZN1B2f3QWnEOhHiC50F6s/oBykN5R326oQ==
Received: from fifthhorseman.net (lair.fifthhorseman.net [108.58.6.98]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id A477FF9DA; Fri, 1 Mar 2024 22:36:39 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 2F6CB2058D; Fri, 1 Mar 2024 22:36:37 -0500 (EST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: RFC Errata System <rfc-editor@rfc-editor.org>, joeygsal@gmail.com, paul.hoffman@icann.org, ek.ietf@gmail.com, evyncke@cisco.com, brian@innovationslab.net, tjw.ietf@gmail.com
Cc: ietf@kevin.km6g.us, dns-privacy@ietf.org, rfc-editor@rfc-editor.org
In-Reply-To: <20240229145340.3565B1A41EA5@rfcpa.amsl.com>
References: <20240229145340.3565B1A41EA5@rfcpa.amsl.com>
Autocrypt: addr=Daniel Kahn Gillmor; prefer-encrypt=mutual; keydata= xjMEZXEJyxYJKwYBBAHaRw8BAQdA5BpbW0bpl5qCng/RiqwhQINrplDMSS5JsO/YO+5Zi7HCi QQfFgoAMQWCZadnIAUJBdtHCwMLCQcDFQoIApsBAh4BFiEE1HcEDHDCFWpcKYVJu36RAUlea/ cACgkQu36RAUlea/edDQD+M2QjnoEyu/TjI+gRXBpXQ5jCsnnp9FdYhaSSUW/vZ8kBAJByWlj A9aMfVaVrmvgcYw7jzJz+gmZspBRB++5LZ20NzRc8ZGtnQGZpZnRoaG9yc2VtYW4ubmV0PsLA EQQTFgoAeQMLCQdHFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnEu/CS CeyWwC6j4ihJr2u/z6delsF1pvYW3ufgf1L538DFQoIApsBAh4BFiEE1HcEDHDCFWpcKYVJu3 6RAUlea/cFAmWnX5AFCQXZ8EUACgkQu36RAUlea/cjVwD+ONjdHM74rAa6EEiiqaPjlptiaZx CVqFYXnib6EbZARkBAPnnR8pW8vCBnDXHKu65jNqwF3aH761NaOqqMFfppg8GzjMEZXEJyxYJ KwYBBAHaRw8BAQdAjX25Fq2Q9IUFeHy6yByIQPBnFOedFliuEiCIUzJsENDCwMUEGBYKAS1HF AAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnwqKWsw56uoWVLIFcs7ZecJ gwpsSNevWCzbviKQ8yRLUCmwK+oAQZFgoAbwWCZXEJywkQdy0WHjXNS4FHFAAAAAAAHgAgc2F sdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnEIJSOxuw2y/UJmg5M3BLpN0JYjODZpXiEVFu 1byARzMWIQR0vATEPYYIS+hnLAZ3LRYeNc1LgQAAsH8BAKg1C5LK/D7pSkXCD+jfTSP+CqM58 iHLjh4vKhpOKsTJAQCHldtEjxJ1ksPTFgG9HihHH7qc6/wvvLw77ETMpwlrAxYhBNR3BAxwwh VqXCmFSbt+kQFJXmv3BQJlp1+rBQkCF4lgAAoJELt+kQFJXmv3ydsA/2roQZ2Jm/7iUrg/2C5 ClWA/xbvPC31LyMkGGH2/rq8tAP9BgqLuCPnNTVPqeX9+9qqMmaFq7wmvjq5I+yycAw9CDc44 BGVxCcsSCisGAQQBl1UBBQEBB0BZMsRrRaaeFSYMF1ZdfRmVgBriDUIr99eDQ085BK14DgMBC AfCwAYEGBYKAG5HFAAAAAAAHgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnsazAWX tEHUPmSTmcRZAIsAsNiO8k0hdjsfRlRVipgJgCmwwWIQTUdwQMcMIValwphUm7fpEBSV5r9wU CZadfqwUJAheJYAAKCRC7fpEBSV5r90AjAPwLgY1iKiFJEj32SVD5f721929l79VxQB5FlQss x1n5kQEA6Uct2tPvbB6T7p5KG3Gl+tbi7oJAuxFmpkpW5/N2Owg=
Date: Fri, 01 Mar 2024 22:36:36 -0500
Message-ID: <874jdp8fuj.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/wh86nj4vuPozbNuRK-vuYb1R54w>
X-Mailman-Approved-At: Sat, 02 Mar 2024 12:15:40 -0800
Subject: Re: [dns-privacy] [Technical Errata Reported] RFC9539 (7832)
X-BeenThere: dns-privacy@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Addition of privacy to the DNS protocol <dns-privacy.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dns-privacy/>
List-Post: <mailto:dns-privacy@ietf.org>
List-Help: <mailto:dns-privacy-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dns-privacy>, <mailto:dns-privacy-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Mar 2024 03:36:47 -0000
Erratum 7832 in RFC 9539 is correct and should be marked as Verified. The
"damping" parameter should indeed be characterized by the specific
encrypted transport it is associated with.
A recursive resolver that implements both DoT and DoQ may perfer to use
different `damping` parameters for each encrypted transport, for
example due to concerns about different resource consumption patterns
for each implementation.
Thank you Kevin P. Fleming for the close read of this document.
--dkg
On Thu 2024-02-29 06:53:40 -0800, RFC Errata System wrote:
> The following errata report has been submitted for RFC9539,
> "Unilateral Opportunistic Deployment of Encrypted Recursive-to-Authoritative DNS".
>
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid7832
>
> --------------------------------------
> Type: Technical
> Reported by: Kevin P. Fleming <ietf@kevin.km6g.us>
>
> Section: 4.6.3
>
> Original Text
> -------------
> * E-status[X] is either fail or timeout and (T0 - E-completed[X]) >
> damping, or
>
> Corrected Text
> --------------
> * E-status[X] is either fail or timeout and (T0 - E-completed[X]) >
> E-damping, or
>
> Notes
> -----
> The formula should reference the damping value for the protocol in use.
>
> Instructions:
> -------------
> This erratum is currently posted as "Reported". (If it is spam, it
> will be removed shortly by the RFC Production Center.) Please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party
> will log in to change the status and edit the report, if necessary.
>
> --------------------------------------
> RFC9539 (draft-ietf-dprive-unilateral-probing-13)
> --------------------------------------
> Title : Unilateral Opportunistic Deployment of Encrypted Recursive-to-Authoritative DNS
> Publication Date : February 2024
> Author(s) : D. K. Gillmor, Ed., J. Salazar, Ed., P. Hoffman, Ed.
> Category : EXPERIMENTAL
> Source : DNS PRIVate Exchange
> Area : Internet
> Stream : IETF
> Verifying Party : IESG
- [dns-privacy] [Technical Errata Reported] RFC9539… RFC Errata System
- Re: [dns-privacy] [Technical Errata Reported] RFC… Daniel Kahn Gillmor