Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-svcb-https-05.txt

Ralf Weber <dns@fl1ger.de> Sun, 23 May 2021 08:45 UTC

Return-Path: <dns@fl1ger.de>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BB113A0A34 for <dnsop@ietfa.amsl.com>; Sun, 23 May 2021 01:45:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nCSrerAzJwRj for <dnsop@ietfa.amsl.com>; Sun, 23 May 2021 01:45:39 -0700 (PDT)
Received: from smtp.guxx.net (nyx.guxx.net [85.10.208.173]) by ietfa.amsl.com (Postfix) with ESMTP id 0F8FE3A0A2D for <dnsop@ietf.org>; Sun, 23 May 2021 01:45:38 -0700 (PDT)
Received: by nyx.guxx.net (Postfix, from userid 107) id 89A6A5F40B47; Sun, 23 May 2021 08:45:32 +0000 (UTC)
Received: from [100.64.0.1] (p4fc21d7b.dip0.t-ipconnect.de [79.194.29.123]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by nyx.guxx.net (Postfix) with ESMTPSA id 8C38B5F402C2; Sun, 23 May 2021 08:45:31 +0000 (UTC)
From: Ralf Weber <dns@fl1ger.de>
To: Brian Dickson <brian.peter.dickson@gmail.com>
Cc: Eric Orth <ericorth=40google.com@dmarc.ietf.org>, WG <dnsop@ietf.org>, Martin Thomson <mt@lowentropy.net>
Date: Sun, 23 May 2021 10:45:30 +0200
X-Mailer: MailMate (1.13.2r5673)
Message-ID: <A5D5FCEE-B2BC-4F54-8CD8-8B1E495AD2F4@fl1ger.de>
In-Reply-To: <CAH1iCioNaPJUbKojB3jMhQpv+k3XquzL8qeH_9tZDHrUCSTKHw@mail.gmail.com>
References: <7ADF1FB2-97A4-4C49-8F25-8BF03BE01640@hopcount.ca> <20210512213903.D5F1F7AA827@ary.qy> <CAMOjQcFJjcsvaREF0fr+2GTY4zTy5CxSxR16BEp=Nc-K9WJ0Tg@mail.gmail.com> <CAH1iCipAVKVCuH2ME=+YpeJyijrKCtzJaU3bRFyy1f48EB33iw@mail.gmail.com> <CAHbrMsCjWgV7nc575L_qdvr7HdoEVKqkXRwLdXA2L5NiCgdvwA@mail.gmail.com> <CAH1iCipW_-BSMQZ-S+m18pyzfxTGsCrmG9Pc-b35_VRiLhxh4w@mail.gmail.com> <CAHbrMsDvEkYAxee4xjW5LsQmr0PgBf+UmMAuME-_UvRMg4jJeA@mail.gmail.com> <CAH1iCiq4zJZBv5=f7T2EDRWKa7bAZx66SMKkf+AiDsDPTZokhQ@mail.gmail.com> <CAHbrMsAW_wtKmRDYKZVUrFLZYuM_DqoS-8VRMf-O0Z8WpPBfbg@mail.gmail.com> <CAKC-DJj3nPAZp=qpwjBJ_3yG_EO-q-bcJbaizUNw9uq6deVZjg@mail.gmail.com> <C3734365-D5F7-4F9A-A463-5EFBB841A583@apple.com> <CAH1iCiod61M5aHnF_qrpP6=Oc3nBL+McaSui5NUnLd1GbS=okw@mail.gmail.com> <CAH1iCipcjnHdBcc7VCpLr9rP6vbbTHKYPHtqBkQu_achzpohcg@mail.gmail.com> <D10F7DCD-71AE-4AFC-9835-C9E1F03D831F@icann.org> <CAH1iCiphr71C0MjhP-amR4S5FpDzKc4qkDvsU3qMXhdLNhiwyw@mail.gmail.com> <CAH1iCiqSFk0XP_We+cUfe0xFvmDMusPc3weHxSK-e5CLT6jLwg@mail.gmail.com> <CAKC-DJhH=OK_mraWK1pVEx6a_hiPSPF-KQwd+mDy_2mg_a17CQ@mail.gmail.com> <CAH1iCip=Y0MTh4=ATqWPdWSDot4dmBge96Y-cdL86hk3dk3ddg@mail.gmail.com> <9a138693-60a0-4b75-99f5-6a7544f935a0@www.fastmail.com> <CAH1iCirdY4HWj1o8X3mEkPJODrQZ391YsuC75Hs5m5G4PM3ATA@mail.gmail.com> <1A6728DB-72CB-425E-90D7-38159DC8D4FB@fl1ger.de> <CAMOjQcF=K_Dkya7yamKECxHjmsEVHmLyoaoF3KRnCXqPde4wSw@mail.gmail.com> <91F79DA0-4BD9-414C-973D-024F3583F3EB@fl1ger.de> <CAH1iCioNaPJUbKojB3jMhQpv+k3XquzL8qeH_9tZDHrUCSTKHw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/8XvJwS7_8eOzAqpBSkjW3wbHfPY>
Subject: Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-svcb-https-05.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 23 May 2021 08:45:41 -0000

Moin!

On 21 May 2021, at 20:16, Brian Dickson wrote:
> I think the handling of presentation formats and wire formats leaves much
> to be desired.
As others said the wire format is a pretty standard TLV format, so I don’t
think there is a change needed as this sort of format is well understood.
I’m also confident that zone file presentation can be sorted out for regular
uses and we always have the generic \nnn escaping for the more complicated
ones.

> However, the handling of future extensions is not (IMHO) currently usable
> via the existing proposed mechanism.
>
> The discussion about "what if ECN needed to be added later" got me thinking
> about the issue.
>
> I think there is a need for something similar to RFC3597, except for fields
> in a record rather than a BLOB for the record itself.
> RFC3597 is fine for an RRTYPE with only one RDATA element/structure, but
> not for complex RRs.
RFC3597 just works fine with HTTPS. Most people have been using it for some
time now, unless they have recursor already supports HTTPS/SVCB. IMHO HTTPS
has shown that RFC3597 works today as there were only minor effects on
rolling out a new resource record. I think Google did an additional test
with an unregistered RRType and came to the same conclusion, but I don’t
have the details at hand.

> So, this problem on sub-field encodings has arisen from ignoring RFC5507
> (regardless of why it has been ignored).
The only mention of that is in comparison to TXT records people used for
e.g SPF and other things. The specific advise there is only if your record
size is so big that it exceeds general DNS packet size make it a pointer
instead of stuffing it in the resource record. The generic advice of RFC5507
is to create a real resource record type instead of using TXT, and IMHO
this draft follows this advice (both the RR and size recommendations).

So long
-Ralf
——-
Ralf Weber