Re: [dnsext] loads of TXT records for fun and profit
Phillip Hallam-Baker <hallam@gmail.com> Fri, 03 May 2013 17:26 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D8C121F9729 for <dnsext@ietfa.amsl.com>; Fri, 3 May 2013 10:26:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.2
X-Spam-Level:
X-Spam-Status: No, score=0.2 tagged_above=-999 required=5 tests=[AWL=0.200, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id w8nVkOFr2kWj for <dnsext@ietfa.amsl.com>; Fri, 3 May 2013 10:26:20 -0700 (PDT)
Received: from mail-we0-x22b.google.com (mail-we0-x22b.google.com [IPv6:2a00:1450:400c:c03::22b]) by ietfa.amsl.com (Postfix) with ESMTP id 774F521F991F for <dnsext@ietf.org>; Fri, 3 May 2013 09:17:10 -0700 (PDT)
Received: by mail-we0-f171.google.com with SMTP id u7so1482973wey.16 for <dnsext@ietf.org>; Fri, 03 May 2013 09:17:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=z+ADQPaTPUq4B8ik5t4V6vZkKrV40TH7/3aB5mQtyDA=; b=OE99YHlnY1D/zbW+J5kAVE3QCHhdDOngrUugZEklcXaQZoQOFVYQkJ1N0/ZZJrizV3 gpfkmzFwR+eQeGsy4djr2mwx0b9h+eiKFsfzX9KGIJQDzvdD95aaZbe2X2u71cPMoQfM augCrT+dmWlsd+tnwiZV+o+/dV4qTv+0RHIA3k8upZfzJ1bPtiVKCVGRH8lL+KIaqJKS cMIjGfeXLiDOA600hFhGLtbVRIt6YUxwRhIEg7daNPglf4ta87F8xquvOcfUY20LUq25 7WJeo3CxA/BzirmObm9C5YRTHmzpFwp3BbBd9rylyYPvMbKoXpsrNUb+6gU95X6Za48N 1qyg==
MIME-Version: 1.0
X-Received: by 10.180.86.230 with SMTP id s6mr14328240wiz.6.1367597829383; Fri, 03 May 2013 09:17:09 -0700 (PDT)
Received: by 10.194.121.161 with HTTP; Fri, 3 May 2013 09:17:09 -0700 (PDT)
In-Reply-To: <B72B7DF7-E52F-4B44-B7E3-67DCC5DD747F@hopcount.ca>
References: <20130425013317.36729.qmail@joyce.lan> <80ADB3EE-17FD-4628-B818-801CB71BCBFE@virtualized.org> <alpine.BSF.2.00.1304242309150.38677@joyce.lan> <46778ED3-35A2-44B4-BE3C-AAC4F7B314FF@virtualized.org> <92BBD83F-676D-4B05-B927-4101DD5CAD3E@neustar.biz> <DC121025-A014-492B-AFAD-22CDE49D866E@rfc1035.com> <CAMm+Lwi4MAjX8BAk_ro9usf6AJo=1UERhGBJ1rUa-AbrX09dqg@mail.gmail.com> <E5E3F801-6490-48A8-A12F-A6561893D78A@icsi.berkeley.edu> <CAMm+LwhqwT+9sqH5K4fJP3sUhmaTuPBMq8zE+4BdaTgBem9QDw@mail.gmail.com> <B72B7DF7-E52F-4B44-B7E3-67DCC5DD747F@hopcount.ca>
Date: Fri, 03 May 2013 12:17:09 -0400
Message-ID: <CAMm+LwjoJjGi9PdRON=Ft=eFbkQsiDzFaKC9hEu2zA77G2H4Yw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Joe Abley <jabley@hopcount.ca>
Content-Type: multipart/alternative; boundary="f46d04428624d0ecbc04dbd2ae37"
Cc: "dnsext@ietf.org" <dnsext@ietf.org>
Subject: Re: [dnsext] loads of TXT records for fun and profit
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 May 2013 17:26:22 -0000
My point on TXT records and the 500 byte limit is that when you make a query for an unprefixed TXT record you are going to get ALL the records for all hacks that are overloading TXT with additional semantics. So the approach is not scalable which I think you agree with. Getting a RR assignment isn't the pain point. The only reason for getting an assignment is to make it more likely we will get decent support in BIND etc. I know all about the unknown RR coding. But that is second best support. What I am proposing is that we cut off a chunk of RR space that allows it to be used in a useful fashion without waiting for new deployments of BIND etc. Having to update BIND is second best in any case. The fewer updates and the fewer code paths to be verified, the better. Adding a new RR type to BIND only takes me a few hours. But writing the regression tests and the support infrastructure would be a lot more work and that is what it would be necessary to consider the code to be 'production'. On Fri, May 3, 2013 at 11:46 AM, Joe Abley <jabley@hopcount.ca> wrote: > > On 2013-05-03, at 09:57, Phillip Hallam-Baker <hallam@gmail.com> wrote: > > > DNS has an effective hard limit on the total size of all the records in > a RR set of 500 bytes. > > > > It is theoretically possible to go over that limit but bad things start > to happen and TCP fallback does not work any more reliably than new RR > types do. > > I don't think we necessarily see widespread problems with large responses. > > I realise that large responses are a reasonable concern, and there is much > scope for actual measurement to better characterise the landscape with > facts and science, but I don't think it's sensible to work from the basis > that the non-EDNS0-capable UDP-only DNS client sets an effective hard limit. > > This is a very general comment with no science behind it, of course, so it > doesn't really say anything beyond "here be dragons, or maybe not, who > knows". > > > Now what could make the whole process a lot easier would be to allocate > a band of DNS RR codes for records that would all have TXT syntax. That > would allow BIND etc. to make one change to support the new syntax. > Alternatively we could extend the handling of unknown RR syntax so that > there was a string presentation option. > > Recent experience suggests it's possible to apply for a new RRType and > have code-points assigned in less than a week. > > It also seems possible (with only the effort involved in opening a couple > of trouble tickets to make the feature request) to get the code-points > implemented in multiple major authoritative servers in less than three > weeks. > > Most deployed DNS authority servers (I have no numbers, but given the > purported market share of BIND9 I'll say "most") follow RFC3597 and hence > are able to understand (for example) > > krill.hopcount.ca. 86400 IN TYPE108 \# 6 7c d1 c3 e8 10 2f > > even if they can't understand > > krill.hopcount.ca. 86400 IN EUI48 7c-d1-c3-e8-10-2f > > The fact that EUI48 has a conveniently-hexadecimal RDATA payload makes > this an over-simple example, but it's not that hard to convert RRs with > textual data into the same format for provisioning purposes if your > nameserver doesn't understand the new RRType's presentation format ("not > hard" used here to mean "possible in less than 20 lines of awk"). > > Given all of this, I don't really understand the benefits of pre-assigning > TXT-like RRTypes for future use. The barrier to entry (today!) does not > seem high, and having RRTypes defined with meaningful canonical > representations and stable references for use seems beneficial. > > > Joe -- Website: http://hallambaker.com/
- Re: [dnsext] Obsoleting SPF RRTYPE Masataka Ohta
- [dnsext] Obsoleting SPF RRTYPE S Moonesamy
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] Obsoleting SPF RRTYPE Mark Andrews
- Re: [dnsext] Obsoleting SPF RRTYPE John Levine
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] Obsoleting SPF RRTYPE Masataka Ohta
- Re: [dnsext] Obsoleting SPF RRTYPE John R Levine
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] Obsoleting SPF RRTYPE Måns Nilsson
- Re: [dnsext] Obsoleting SPF RRTYPE and deprecate … Douglas Otis
- Re: [dnsext] Obsoleting SPF RRTYPE Andrew Sullivan
- Re: [dnsext] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] Obsoleting SPF RRTYPE Andrew Sullivan
- Re: [dnsext] Obsoleting SPF RRTYPE Dave Lawrence
- Re: [dnsext] Obsoleting SPF RRTYPE Paul Hoffman
- Re: [dnsext] Obsoleting SPF RRTYPE Andrew Sullivan
- Re: [dnsext] Obsoleting SPF RRTYPE Patrik Fältström
- Re: [dnsext] Obsoleting SPF RRTYPE John R Levine
- Re: [dnsext] Obsoleting SPF RRTYPE Patrik Fältström
- Re: [dnsext] Obsoleting SPF RRTYPE John R Levine
- Re: [dnsext] Obsoleting SPF RRTYPE Måns Nilsson
- Re: [dnsext] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] Obsoleting SPF RRTYPE John Levine
- Re: [dnsext] Obsoleting SPF RRTYPE Paul Hoffman
- Re: [dnsext] Obsoleting SPF RRTYPE Jim Reid
- Re: [dnsext] Obsoleting SPF RRTYPE Warren Kumari
- Re: [dnsext] Obsoleting SPF RRTYPE S Moonesamy
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Dotzero
- Re: [dnsext] Obsoleting SPF RRTYPE Joe Abley
- Re: [dnsext] Obsoleting SPF RRTYPE Joe Abley
- Re: [dnsext] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] Obsoleting SPF RRTYPE Warren Kumari
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Pete Resnick
- Re: [dnsext] Obsoleting SPF RRTYPE John R Levine
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Warren Kumari
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Warren Kumari
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] Obsoleting SPF RRTYPE Pete Resnick
- Re: [dnsext] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] Obsoleting SPF RRTYPE Pete Resnick
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Patrik Fältström
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Patrik Fältström
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Murray S. Kucherawy
- Re: [dnsext] Obsoleting SPF RRTYPE John Levine
- Re: [dnsext] Obsoleting SPF RRTYPE John Levine
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Hector Santos
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Pete Resnick
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE S Moonesamy
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Murray S. Kucherawy
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] Obsoleting SPF RRTYPE Noel David Torres Taño
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Murray S. Kucherawy
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Mark Andrews
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE S Moonesamy
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Murray S. Kucherawy
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Nicholas Weaver
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Nicholas Weaver
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Barry Leiba
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Mark Andrews
- Re: [dnsext] Obsoleting SPF RRTYPE Havard Eidnes
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE S Moonesamy
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Hector Santos
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Patrik Fältström
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Ted Lemon
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Dave Crocker
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Dave Crocker
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Murray S. Kucherawy
- Re: [dnsext] Obsoleting SPF RRTYPE Mark Andrews
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Noel David Torres Taño
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Dave Crocker
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Hector Santos
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Scott Kitterman
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Scott Kitterman
- Re: [dnsext] [spfbis] Obsoleting SPF RRTYPE Hector Santos
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] Obsoleting SPF RRTYPE John R Levine
- Re: [dnsext] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] Obsoleting SPF RRTYPE John Levine
- Re: [dnsext] Obsoleting SPF RRTYPE Doug Barton
- Re: [dnsext] Obsoleting SPF RRTYPE Edward Lewis
- [dnsext] loads of TXT records for fun and profit Jim Reid
- Re: [dnsext] Obsoleting SPF RRTYPE David Conrad
- Re: [dnsext] Obsoleting SPF RRTYPE Patrik Fältström
- Re: [dnsext] Obsoleting SPF RRTYPE Phillip Hallam-Baker
- Re: [dnsext] loads of TXT records for fun and pro… Phillip Hallam-Baker
- Re: [dnsext] loads of TXT records for fun and pro… Nicholas Weaver
- Re: [dnsext] loads of TXT records for fun and pro… Mark Andrews
- Re: [dnsext] loads of TXT records for fun and pro… Phillip Hallam-Baker
- Re: [dnsext] loads of TXT records for fun and pro… Ted Lemon
- Re: [dnsext] loads of TXT records for fun and pro… Phillip Hallam-Baker
- Re: [dnsext] loads of TXT records for fun and pro… Joe Abley
- Re: [dnsext] loads of TXT records for fun and pro… David Conrad
- Re: [dnsext] loads of TXT records for fun and pro… Phillip Hallam-Baker
- [dnsext] SPF, a cautionary tale John Levine
- Re: [dnsext] loads of TXT records for fun and pro… Nicholas Weaver
- Re: [dnsext] loads of TXT records for fun and pro… David Conrad
- Re: [dnsext] loads of TXT records for fun and pro… David Conrad
- Re: [dnsext] loads of TXT records for fun and pro… Doug Barton
- Re: [dnsext] loads of TXT records for fun and pro… Murray S. Kucherawy
- Re: [dnsext] loads of TXT records for fun and pro… Doug Barton
- Re: [dnsext] loads of TXT records for fun and pro… Phil Pennock
- Re: [dnsext] loads of TXT records for fun and pro… Phil Pennock
- Re: [dnsext] loads of TXT records for fun and pro… John Levine
- Re: [dnsext] loads of TXT records for fun and pro… David Miller
- Re: [dnsext] loads of TXT records for fun and pro… John Levine
- Re: [dnsext] SPF, a cautionary tale bmanning
- Re: [dnsext] SPF, a cautionary tale John R Levine
- Re: [dnsext] SPF, a cautionary tale Douglas Otis
- Re: [dnsext] SPF, a cautionary tale bmanning
- Re: [dnsext] SPF, a cautionary tale Douglas Otis
- Re: [dnsext] SPF, a cautionary tale bmanning
- Re: [dnsext] SPF, a cautionary tale Mark Andrews
- Re: [dnsext] SPF, a cautionary tale Murray S. Kucherawy
- Re: [dnsext] SPF, a cautionary tale Murray S. Kucherawy
- Re: [dnsext] SPF, a cautionary tale Mark Andrews
- Re: [dnsext] SPF, a cautionary tale Murray S. Kucherawy
- Re: [dnsext] SPF, a cautionary tale Doug Barton
- Re: [dnsext] SPF, a cautionary tale bmanning
- Re: [dnsext] SPF, a cautionary tale Murray S. Kucherawy
- Re: [dnsext] SPF, a cautionary tale Mark Andrews
- Re: [dnsext] SPF, a cautionary tale Phillip Hallam-Baker
- Re: [dnsext] SPF, a cautionary tale Mark Andrews
- Re: [dnsext] loads of TXT records for fun and pro… Florian Weimer