Re: [dnsext] loads of TXT records for fun and profit

Phillip Hallam-Baker <hallam@gmail.com> Fri, 03 May 2013 13:58 UTC

In-Reply-To: <E5E3F801-6490-48A8-A12F-A6561893D78A@icsi.berkeley.edu>
References: <20130425013317.36729.qmail@joyce.lan> <80ADB3EE-17FD-4628-B818-801CB71BCBFE@virtualized.org> <alpine.BSF.2.00.1304242309150.38677@joyce.lan> <46778ED3-35A2-44B4-BE3C-AAC4F7B314FF@virtualized.org> <92BBD83F-676D-4B05-B927-4101DD5CAD3E@neustar.biz> <DC121025-A014-492B-AFAD-22CDE49D866E@rfc1035.com> <CAMm+Lwi4MAjX8BAk_ro9usf6AJo=1UERhGBJ1rUa-AbrX09dqg@mail.gmail.com> <E5E3F801-6490-48A8-A12F-A6561893D78A@icsi.berkeley.edu>
Date: Fri, 03 May 2013 09:57:53 -0400
Message-ID: <CAMm+LwhqwT+9sqH5K4fJP3sUhmaTuPBMq8zE+4BdaTgBem9QDw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
Cc: "dnsext@ietf.org" <dnsext@ietf.org>

DNS has an effective hard limit on the total size of all the records in an
RR set of 500 bytes. It is theoretically possible to go over that limit, but
bad things start to happen, and TCP fallback does not work any more reliably
than new RR types do.

SPF was already a deployed standard before the WG started. The IETF wrote
the specification after it was too late to change.


Now what could make the whole process a lot easier would be to allocate a
band of DNS RR codes for records that would all have TXT syntax. That would
allow BIND etc. to make one change to support the new syntax. Alternatively
we could extend the handling of unknown RR syntax so that there was a
string presentation option.

For example, imagine that all RRs from 1024 to 2048 are defined to be TXT
syntax. Anyone wanting any other syntax has to use a different RR code. So
a record would be:

example.com TXT1024 "Some stuff here"
example.com TXT1025 "A different project"

There would still be a need for prefixing, but in general a DNS record
should always be prefixed or never prefixed.



On Fri, May 3, 2013 at 9:18 AM, Nicholas Weaver <nweaver@icsi.berkeley.edu> wrote:

>
> On May 3, 2013, at 4:42 AM, Phillip Hallam-Baker <hallam@gmail.com> wrote:
>
> > It is not just stupid to further overload TXT, it is impossible.
> >
> > The SPF group knew when they were doing the draft that they were
> essentially making any other use of the TXT record infeasible in the
> future. Or at least I pointed that out.
>
> No it's not, it's trivial to further overload the text record.  All you have
> to do is make sure YOUR strings don't start with the same magic string,
> and/or are located in a different convention in the DNS hierarchy, as SPF
> records.
>
> And given the silly resistance amongst some in this group to tolerate
> allocating new RR types (look at the debate over the entirely sensible
> EUI48 and EUI64 RTYPEs), and the annoyance of getting authority software to
> allow one to provision new RTYPEs in an easily readable form [1], it makes
> perfect sense for developers who want to shove something into DNS to skip
> the whole IETF crap, create a convention, and shove things either in
> A-records (like the RBLs have done) or TXT records.
>
> [1] Yes, you can specify it as:
>
> >       The special token \# (a backslash immediately followed by a hash
> >       sign), which identifies the RDATA as having the generic encoding
> >       defined herein rather than a traditional type-specific encoding.
> >
> >       An unsigned decimal integer specifying the RDATA length in octets.
> >
> >       Zero or more words of hexadecimal data encoding the actual RDATA
> >       field, each containing an even number of hexadecimal digits.
>
> But let's face it, that's a PITA compared to going "MYTYPE: this is my
> record" as one string in a TXT record.
>

-- 
Website: http://hallambaker.com/
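The two mechanisms contrasted in this thread, TXT <character-string> RDATA and the RFC 3597 `\#` generic presentation for unknown RR types, together with the UDP response-size concern, as an added worked example (not code from either poster). It assumes a response with no EDNS, no authority or additional sections, and a 2-byte compression pointer for each answer's owner name.

```python
import binascii

DNS_UDP_LIMIT = 512  # classic UDP payload limit without EDNS (RFC 1035)


def txt_rdata(strings):
    """Encode TXT RDATA: each <character-string> is a length octet plus up to 255 octets."""
    out = bytearray()
    for s in strings:
        b = s.encode("utf-8")
        if len(b) > 255:
            raise ValueError("a single TXT character-string is limited to 255 octets")
        out.append(len(b))
        out += b
    return bytes(out)


def generic_presentation(rdata):
    """RFC 3597 presentation of arbitrary RDATA: \\# <length> <hex data>."""
    return "\\# %d %s" % (len(rdata), binascii.hexlify(rdata).decode())


def parse_generic(text):
    """Parse the RFC 3597 form back to bytes, rejecting a length/data mismatch."""
    tok = text.split()
    if not tok or tok[0] != "\\#":
        raise ValueError("not RFC 3597 generic encoding")
    declared = int(tok[1])
    data = binascii.unhexlify("".join(tok[2:]))
    if len(data) != declared:
        raise ValueError("declared %d octets but hex carries %d" % (declared, len(data)))
    return data


def rrset_answer_size(owner, rdatas):
    """Approximate wire size of a response carrying one RRset (assumption: header +
    question + answers only; each answer owner is a 2-byte compression pointer)."""
    qname_len = sum(len(label) + 1 for label in owner.rstrip(".").split(".")) + 1
    size = 12 + qname_len + 4  # header + QNAME + QTYPE + QCLASS
    for rd in rdatas:
        size += 2 + 2 + 2 + 4 + 2 + len(rd)  # NAME ptr, TYPE, CLASS, TTL, RDLENGTH, RDATA
    return size


def fits_in_udp(owner, rdatas):
    """True if the whole RRset answer stays under the classic 512-octet UDP limit."""
    return rrset_answer_size(owner, rdatas) <= DNS_UDP_LIMIT
```

Feeding the thread's own `"Some stuff here"` string through `txt_rdata` and `generic_presentation` shows why the hex form is the "PITA" Weaver describes, while `fits_in_udp` makes the RRset-size concern concrete for a given owner and record count.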