Some observations on dns-0x20

"George Barwood" <george.barwood@blueyonder.co.uk> Tue, 19 August 2008 20:55 UTC

Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-dnsext-archive@core3.amsl.com
Delivered-To: ietfarch-dnsext-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5003F3A68E0; Tue, 19 Aug 2008 13:55:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 4.702
X-Spam-Level: ****
X-Spam-Status: No, score=4.702 tagged_above=-999 required=5 tests=[BAYES_50=0.001, FH_RELAY_NODNS=1.451, HELO_EQ_BLUEYON=1.4, HELO_MISMATCH_UK=1.749, HTML_MESSAGE=0.001, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VK91bOOBOPj4; Tue, 19 Aug 2008 13:55:36 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62]) by core3.amsl.com (Postfix) with ESMTP id 0B75C3A6767; Tue, 19 Aug 2008 13:55:36 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD)) (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KVY14-000JeI-HR for namedroppers-data@psg.com; Tue, 19 Aug 2008 20:41:22 +0000
Received: from [195.188.213.6] (helo=smtp-out3.blueyonder.co.uk) by psg.com with esmtp (Exim 4.69 (FreeBSD)) (envelope-from <george.barwood@blueyonder.co.uk>) id 1KVY10-000Jdm-49 for namedroppers@ops.ietf.org; Tue, 19 Aug 2008 20:41:20 +0000
Received: from [172.23.170.147] (helo=anti-virus03-10) by smtp-out3.blueyonder.co.uk with smtp (Exim 4.52) id 1KVY0z-0008Dt-FG for namedroppers@ops.ietf.org; Tue, 19 Aug 2008 21:41:17 +0100
Received: from [82.46.70.191] (helo=GeorgeLaptop) by asmtp-out4.blueyonder.co.uk with esmtpa (Exim 4.52) id 1KVY0y-0003el-QN for namedroppers@ops.ietf.org; Tue, 19 Aug 2008 21:41:16 +0100
Message-ID: <01c201c9023b$ee1cca40$0302a8c0@localhost>
From: George Barwood <george.barwood@blueyonder.co.uk>
To: namedroppers@ops.ietf.org
Subject: Some observations on dns-0x20
Date: Tue, 19 Aug 2008 21:41:16 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_01BF_01C90244.4F5964A0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.3138
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3350
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

I have been experimenting with the technique described (Google for GbDns if interested), and have a few observations.

(1) A simple way of dealing with case sensitivity when parsing a string in a DNS request is to preserve case if and only if the section is the Question section.

For other sections I believe that simply reducing to lower case will not cause any problems, at least in a recursive context, and is the simplest and best solution.

(2) When checking a response, a good model is to estimate the number of bits of entropy (random bits) that have been retained from the original request (I will refer to this as the Confidence value).

The port number entropy should be discounted if the program may be behind a NAT device, unless it is known that the device preserves port randomization. I think this might be mentioned somewhere in the standard.

If unusual responses are detected ( for example incorrect IP, Question not copied, Question case not preserved ), the response need not be entirely ignored, rather a suitable discount can be applied in the entropy computation.

(3) A possible implementation technique is to maintain a Confidence field for each cache entry.
When processing a response, the Confidence value computed in (2) can be added in when an exactly matching cache element ( normally with expired TTL ) is found.

A valid cache entry is thus one which has valid TTL and valid Confidence value ( say 50 bits ).

The resolver loop can iterate until either a valid cache entry is found, or an iteration occurs in which the cache is not updated ( this includes updates to TTL or Confidence values ).

Non-existence and error conditions can also be cached, with confidence values.

Lastly, I would like to say that I strongly support dns-0x20, and have communicated a couple of suggested changes privately to Paul, which he has graciously agreed to make, viz.

(a) In section 7.4, to drop the words 'by a factor of "several"'.
(b) In section 5.2 to change "MUST" to "SHOULD".

George Barwood
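The following is an added worked example illustrating points (1) to (3) of the message above; it is not GbDns code, nor anything from the dns-0x20 draft. It applies the 0x20 case randomisation to a query name, scores a reply by the bits of request entropy it demonstrably reproduced (16-bit message ID, an assumed fully random 16-bit source port that is discounted behind a NAT, and one bit per ASCII letter of the question name), and keeps a Confidence field per cache entry that accumulates across exactly matching responses until the entry reaches the "say 50 bits" threshold. The discount policies (a wrong source address or an unpreserved question case forfeit the corresponding bits, a mismatched message ID forfeits everything), the threshold, the port-entropy figure, and the addresses and answer data are all assumptions made for the example; `make_exchange` fabricates query/reply pairs in place of a real network exchange.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

CONFIDENCE_THRESHOLD = 50  # bits before a cache entry is trusted (the post's "say 50 bits")
TXID_BITS = 16             # DNS message ID
PORT_BITS = 16             # assumed: fully random 16-bit source port

def randomize_case(name: str, rng=None) -> str:
    """dns-0x20: set or clear the 0x20 bit of every ASCII letter at random."""
    rng = rng or secrets.SystemRandom()
    return "".join((c.upper() if rng.getrandbits(1) else c.lower())
                   if c.isascii() and c.isalpha() else c for c in name)

def case_bits(name: str) -> int:
    """One bit of 0x20 entropy per ASCII letter; digits, '-' and '.' carry none."""
    return sum(1 for c in name if c.isascii() and c.isalpha())

@dataclass
class Query:
    txid: int
    src_port: int
    qname: str       # case-randomised name exactly as sent on the wire
    qtype: int
    server_ip: str

@dataclass
class Response:
    txid: int
    dst_port: int
    src_ip: str
    question: Optional[Tuple[str, int]]  # (name as echoed, qtype), None if not copied
    answer: Tuple[str, ...]
    ttl: int

def confidence(q: Query, r: Response, behind_nat: bool = False) -> int:
    """Bits of request entropy the response demonstrably reproduced (point 2)."""
    if r.txid != q.txid:
        return 0                                 # not our transaction at all
    bits = TXID_BITS
    # Port bits count only if the reply came from the server we asked and no NAT
    # could have rewritten our source port on the way out (assumed discount policy).
    if r.src_ip == q.server_ip and r.dst_port == q.src_port and not behind_nat:
        bits += PORT_BITS
    if r.question is not None:
        echoed, qtype = r.question
        if qtype != q.qtype or echoed.lower() != q.qname.lower():
            return 0                             # answers a different question
        if echoed == q.qname:
            bits += case_bits(q.qname)           # 0x20 bits verified intact
    return bits  # case not preserved or question not copied: no 0x20 credit, rest kept

@dataclass
class CacheEntry:
    answer: Tuple[str, ...]
    expires: float
    confidence: int

class ConfidenceCache:
    def __init__(self):
        self.entries: Dict[Tuple[str, int], CacheEntry] = {}

    def lookup(self, key: Tuple[str, int]) -> Optional[CacheEntry]:
        e = self.entries.get(key)  # valid = unexpired TTL and confidence >= threshold
        ok = e is not None and e.expires > time.time() and e.confidence >= CONFIDENCE_THRESHOLD
        return e if ok else None

    def update(self, key: Tuple[str, int], answer: Tuple[str, ...], ttl: int, bits: int) -> bool:
        """Merge a scored response; True only if a TTL or confidence value changed (point 3)."""
        e = self.entries.get(key)
        if bits <= 0:
            return False                         # nothing verified, nothing learned
        if e is not None and e.answer == answer:  # exactly matching element (often expired)
            e.confidence += bits
            e.expires = max(e.expires, time.time() + ttl)
        elif e is None or bits > e.confidence:   # first answer, or outscores a contradicting one
            self.entries[key] = CacheEntry(answer, time.time() + ttl, bits)
        else:
            return False                         # weaker contradicting answer: keep ours
        return True

def resolve(cache, key, exchange, behind_nat=False, max_rounds=8):
    """Re-query until a valid entry exists or a round leaves the cache untouched."""
    for _ in range(max_rounds):
        hit = cache.lookup(key)
        if hit is not None:
            return hit
        q, r = exchange()                        # one query sent, one reply received
        if not cache.update(key, r.answer, r.ttl, confidence(q, r, behind_nat)):
            return None                          # no progress possible: give up
    return cache.lookup(key)

def make_exchange(name, qtype=1, rng=None, echo_case=True, copy_question=True, spoof=False):
    """Constructed query/reply pair standing in for a real network exchange (test data)."""
    rng = rng or secrets.SystemRandom()
    q = Query(rng.getrandbits(16), rng.randrange(1024, 65536),
              randomize_case(name, rng), qtype, "192.0.2.53")
    echoed = q.qname if echo_case else q.qname.swapcase()  # swapcase: case certainly not preserved
    r = Response(q.txid, q.src_port, "198.51.100.9" if spoof else q.server_ip,
                 (echoed, qtype) if copy_question else None, ("203.0.113.10",), 300)
    return q, r
```

For "www.example.com" a fully verified reply scores 16 + 16 + 13 = 45 bits, so one reply is not enough to validate the entry and the resolver loop sends a second identical query; the matching second reply lifts the entry to 90 bits. Behind a NAT the same reply scores only 29 bits, so two replies reach 58 and the entry is still accepted, while a reply whose message ID does not match scores zero, leaves the cache untouched and ends the loop.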