Return-Path: X-Original-To: ietfarch-dnsext-archive@core3.amsl.com Delivered-To: ietfarch-dnsext-archive@core3.amsl.com Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 72F9E3A6A37; Fri, 13 Nov 2009 13:42:43 -0800 (PST) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 3.554 X-Spam-Level: *** X-Spam-Status: No, score=3.554 tagged_above=-999 required=5 tests=[AWL=-0.696, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, FH_RELAY_NODNS=1.451, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, MIME_8BIT_HEADER=0.3, RDNS_NONE=0.1] Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s8Y-qNk-ScQa; Fri, 13 Nov 2009 13:42:42 -0800 (PST) Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 89F123A6830; Fri, 13 Nov 2009 13:42:42 -0800 (PST) Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1N93qK-000CwK-Di for namedroppers-data0@psg.com; Fri, 13 Nov 2009 21:38:08 +0000 Received: from [213.178.172.147] (helo=TR-Sys.de) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from ) id 1N93qF-000Cuf-T3 for namedroppers@ops.ietf.org; Fri, 13 Nov 2009 21:38:04 +0000 Received: from ZEUS.TR-Sys.de by w. with ESMTP ($Revision: 1.37.109.26 $/16.3.2) id AA131598223; Fri, 13 Nov 2009 22:37:03 +0100 Received: (from ah@localhost) by z.TR-Sys.de (8.9.3 (PHNE_25183)/8.7.3) id WAA13539; Fri, 13 Nov 2009 22:37:02 +0100 (MEZ) From: Alfred =?hp-roman8?B?SM5uZXM=?= Message-Id: <200911132137.WAA13539@TR-Sys.de> Subject: Re: [dnsext] Re: Building structured extensibility into EDNS0(bis) To: Bob.Halley@nominum.com Date: Fri, 13 Nov 2009 22:37:01 +0100 (MEZ) Cc: namedroppers@ops.ietf.org In-Reply-To: <3970352C-C35F-4886-BBF5-D5ECB84D53B3@nominum.com> from Bob Halley at Nov "13, " 2009 "12:35:30" pm X-Mailer: ELM [$Revision: 1.17.214.3 $] Mime-Version: 1.0 Content-Type: text/plain; charset=hp-roman8 Content-Transfer-Encoding: 8bit Sender: owner-namedroppers@ops.ietf.org Precedence: bulk List-ID: List-Unsubscribe: To unsubscribe send a message to namedroppers-request@ops.ietf.org with List-Unsubscribe: the word 'unsubscribe' in a single line as the message text body. List-Archive: > > On 13 Nov 2009, at 20:05, Alfred HÎnes wrote: > >> On 13 Nov 2009 08:58:44 +0100, W.C.A. Wijngaards wrote: >>> >>> On 11/13/2009 05:21 AM, Stephane Bortzmeyer wrote: >>>> Alfred HÎnes wrote >>>>> d) As a result of c), I suggest to assign two functional bits from >>>>> the most significant nibble of the EDNS OPTION-CODE for >>>>> "must understand" (M) and "echo" (E); two bits remain reserved >>>>> (res) for future sepcification and are set to zero currently. >>>> It seems a very good plan to me. >>> >>> I wonder how a resolver would detect that the other end supports M and E >>> bits. >>> >>> Best regards, >>> Wouter >> >> Admittedly, that's a dilemma. > > It's a real problem. If the M bit is to to be useful, you have to > know that an implementation supports it. Many implementations today > will simply ignore unknown options. ... If that can be consolidated/quantified, that rather good news! > ... So you're going to have to do one of: > > 1) probe for M support somehow (maybe using an option that > the server has to echo back if it understands) > > 2) require that any "M" option always causes an option to > be added to the response in an aware implementation > > 3) increment the EDNS version number > > IMO, #1 adds yet more latency and complexity and is best avoided. > #2 is equivalent to what the -bis draft recommends ("signaled > acknowledgement"), but adds noise M and E bits to the option type. > #3 could work, but I'd rather we didn't try EDNS1 until EDNS0 was > nearly universally understood. > > I favor the approach taken in the -bis draft over the idea of M & E bits. > > /Bob #2 is a good design principle anyway, and I would expect it to be used universally for future mandatory-to-understand (M=1) options. The benefits of the M bit should be twofold: - allow to more clearly signal what's wrong, from the responder side. - allow much more graceful treatment of cases with multiple options, in particular with mixed M=1 and M=0 options, where I see no means to achieve sensical server behavior otherwise, and probing indeed might become necessary otherwise if the querier wants to insist on at least some of the options as a fallback mechanism. The important detail I already pointed out, and which is relevant for the judgement of #3, is that the currently ramping up deployment phase for IPv6 and DNSSEC will push DNS software updates out, and fast action _now_ to enable flexibility for the future wrt ENDS will have a good chance to see rapid deployment -- independent on the specific details. BTW: I'd be particularly interested in the opinions of those who have drafts with an EDNS option in the pipeline (independent of the particular state). Alfred.