Re: [dnsext] Re: need new flag bit in EDNS, "do me no favours" (DMNF)

Paul Wouters <paul@xelerance.com> Tue, 26 October 2010 16:27 UTC

Date: Tue, 26 Oct 2010 12:22:34 -0400
From: Paul Wouters <paul@xelerance.com>
To: Paul Vixie <vixie@isc.org>
cc: namedroppers@ops.ietf.org
Subject: Re: [dnsext] Re: need new flag bit in EDNS, "do me no favours" (DMNF)
In-Reply-To: <79152.1288064704@nsa.vix.com>
Message-ID: <alpine.LFD.1.10.1010261218000.29025@newtla.xelerance.com>
References: <59023.1287939121@nsa.vix.com> <20101025094523.GA5187@nic.fr> <41281.1288025835@nsa.vix.com> <20101025233215.4A495606495@drugs.dv.isc.org> <72674.1288058394@nsa.vix.com> <AANLkTikVzwCf7Ti-6G8hOYaHXHJ3+dy9_nRszb2iVFZk@mail.gmail.com> <79152.1288064704@nsa.vix.com>
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>
List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with the word 'unsubscribe' in a single line as the message text body.
List-Archive: <http://ops.ietf.org/lists/namedroppers/>

On Tue, 26 Oct 2010, Paul Vixie wrote:

> moreover, i'd like to open-and-shut this case.  please let's not innovate
> beyond the small desire i began with, which is to add opt-out.

I'm still unsure how this would work when users with a mix of preference
for opt-in/opt-out for dns-rewrites connect to the same cache. Will caches
now keep multiple answers based on the new RD EDNS DMNF bit? How would this
work together with DNSSEC? And with the business model of TTL=0?

I do think the standard should be "do me no favours" and any mechanism
for "doing me favours" should be done by the user. Possibly a nice GUI to
enable such services might help those services, but I'm still unconvinced
this needs to be addressed at the protocol layer. I kind of feel along
the lines of RFC-1984.

Paul
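The shared-cache question raised in the message above can be made concrete with a toy model. The following is an added illustration, not code from this thread or from any resolver: it assumes a hypothetical per-query flag (called `dmnf` here, after the proposed "do me no favours" bit) and constructed names, addresses and a constructed rewrite rule that turns a negative answer into a positive one. It shows that a cache serving both kinds of client must either include the flag in its cache key, doubling the entries it may hold per name, or risk handing a rewritten answer to a client that asked for none.

```python
"""Toy model of a shared resolver cache with mixed opt-in/opt-out clients.

Added example, not from the thread. Assumptions: a hypothetical per-query
flag `dmnf` ("do me no favours"); constructed upstream data; a constructed
rewrite that turns a non-existent name into a fixed address.
"""
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed authoritative view: one name exists, one does not (NXDOMAIN).
UPSTREAM = {
    ("www.example.net", "A"): "192.0.2.10",
    ("nonexistent.example.net", "A"): None,
}

# Constructed: where a rewritten (favour-doing) negative answer would point.
REWRITE_TARGET = "198.51.100.1"


@dataclass
class Answer:
    rdata: Optional[str]   # None models NXDOMAIN
    rewritten: bool        # True if the answer was synthesised, not authoritative


def authoritative_lookup(qname: str, qtype: str) -> Optional[str]:
    """Stand-in for the upstream query; returns None for NXDOMAIN."""
    return UPSTREAM.get((qname, qtype))


def do_favour(raw: Optional[str]) -> Answer:
    """The 'favour': replace a negative answer with a synthetic positive one."""
    if raw is None:
        return Answer(REWRITE_TARGET, True)
    return Answer(raw, False)


class SharedCache:
    """A cache shared by clients that do and do not want rewrites."""

    def __init__(self, key_on_dmnf: bool):
        # Whether the client's flag forms part of the cache key.
        self.key_on_dmnf = key_on_dmnf
        self.store: Dict[tuple, Answer] = {}

    def resolve(self, qname: str, qtype: str, dmnf: bool) -> Answer:
        key = (qname, qtype, dmnf) if self.key_on_dmnf else (qname, qtype)
        hit = self.store.get(key)
        if hit is not None:
            return hit
        raw = authoritative_lookup(qname, qtype)
        # A DMNF client gets the raw answer; everyone else gets the favour.
        ans = Answer(raw, False) if dmnf else do_favour(raw)
        self.store[key] = ans
        return ans


def leak_without_flag_in_key() -> bool:
    """Client A (rewrites welcome) warms the cache; client B (dmnf) asks next.
    Returns True if B receives the rewritten answer A populated."""
    cache = SharedCache(key_on_dmnf=False)
    cache.resolve("nonexistent.example.net", "A", dmnf=False)
    b = cache.resolve("nonexistent.example.net", "A", dmnf=True)
    return b.rewritten


def leak_with_flag_in_key() -> bool:
    """Same sequence, but the cache keys on the flag; B should get NXDOMAIN."""
    cache = SharedCache(key_on_dmnf=True)
    cache.resolve("nonexistent.example.net", "A", dmnf=False)
    b = cache.resolve("nonexistent.example.net", "A", dmnf=True)
    return b.rewritten


def entries_after_mixed_clients(key_on_dmnf: bool) -> int:
    """Cache size once both kinds of client have asked for every name."""
    cache = SharedCache(key_on_dmnf)
    for dmnf in (False, True):
        for qname, qtype in UPSTREAM:
            cache.resolve(qname, qtype, dmnf)
    return len(cache.store)


if __name__ == "__main__":
    print("leak, flag not in key:", leak_without_flag_in_key())
    print("leak, flag in key:    ", leak_with_flag_in_key())
    print("entries, flag not in key:", entries_after_mixed_clients(False))
    print("entries, flag in key:    ", entries_after_mixed_clients(True))
```

The model leaves the other two questions in the message visible rather than answering them: a synthesised answer such as the one `do_favour` produces carries no authoritative signature, so a validating client cannot accept it, and a rewrite served with a zero TTL would simply never enter `store` in the first place.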