Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-any-04.txt
Tony Finch <dot@dotat.at> Mon, 13 February 2017 22:30 UTC
Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00B0F12998C for <dnsop@ietfa.amsl.com>; Mon, 13 Feb 2017 14:30:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.618
X-Spam-Level:
X-Spam-Status: No, score=-2.618 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id flZhPJXW9xUs for <dnsop@ietfa.amsl.com>; Mon, 13 Feb 2017 14:29:59 -0800 (PST)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30E1112946E for <dnsop@ietf.org>; Mon, 13 Feb 2017 14:29:59 -0800 (PST)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 97962208D7; Mon, 13 Feb 2017 17:29:58 -0500 (EST)
Received: from web1 ([10.202.2.211]) by compute4.internal (MEProxy); Mon, 13 Feb 2017 17:29:58 -0500
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=smtpout; bh=ls Fsaooh8ceV0bxQ6uqZpQ/vtPc=; b=d0nId0GJiI+XtdGmzs4bKNt2/k4GXEB8Df Ccy46EpE2+S3UWcqMnA8RPypIdJCyN1VMMUy+myaw24z0HeM8NbpOVGVvuGr0g4X kpaF/uFtg2hGQSXO+jctaHRM+nd/V1hMubLr/NIcLkDhlqQapYTR0ODTAfcTxF+T zD+8CrYa4=
X-ME-Sender: <xms:ZjOiWK3KlheeyjwawtimtAx-p1Wsd44wvosNzDeMkSnsXAO-TAhfyg>
Received: by mailuser.nyi.internal (Postfix, from userid 99) id 6D0BEAA6C5; Mon, 13 Feb 2017 17:29:58 -0500 (EST)
Message-Id: <1487024998.1521302.879922640.52B598B0@webmail.messagingengine.com>
From: Tony Finch <dot@dotat.at>
To: Mark Andrews <marka@isc.org>, "Wessels, Duane" <dwessels@verisign.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: multipart/alternative; boundary="_----------=_148702499815213021"
X-Mailer: MessagingEngine.com Webmail Interface - ajax-3dff962b
In-Reply-To: <20170213222150.436CF6397520@rock.dv.isc.org>
Date: Mon, 13 Feb 2017 22:29:58 +0000
References: <148661979638.4286.4234665114055399732.idtracker@ietfa.amsl.com> <CAC94RYZM+KMS2c3CVx=8Q005XYGQqNRv--23H7_aTpuY05tEMQ@mail.gmail.com> <CAN6NTqy9_jKXT4Fc9KhmcW7Fq6DTiU2HmzBoWn+YA1fALOh5zA@mail.gmail.com> <CAC94RYYhV0ye252bLNSGPmqQhdZ772AkaJ7us86X1j4nppsWDg@mail.gmail.com> <alpine.DEB.2.11.1702131258580.23062@grey.csi.cam.ac.uk> <CAC94RYbSkp2h_jOBgmrP3oZouSigPp9xPVxoKxkYft55qMyiZQ@mail.gmail.com> <alpine.DEB.2.11.1702131642360.23062@grey.csi.cam.ac.uk> <CAC94RYZSLzv=SDMxXTh2ZWZJUbG0AtMhmO62ynCpg-WO8XJcYg@mail.gmail.com> <20170213173801.j7dpxzjy5morksg5@mycre.ws> <CAC94RYYTZa0nXT8zdb_LFgKxpAx3Dc4kHZpE68-oh_DSbZxd4Q@mail.gmail.com> <49D21A98-86D6-4A91-8456-B64C4F54DB6F@verisign.com> <CAC94RYaUhcYA-M+fY2MUp1nVzsc7jK7yWx0xwbycS3x3FeuXpg@mail.gmail.com> <AF58E101-549E-4B47-8756-A7F07E78C886@verisign.com> <20170213222150.436CF6397520@rock.dv.isc.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/C3MDQvWkrZZXpnn6JTvSpFylBXY>
Cc: Ólafur Guðmundsson <olafur@cloudflare.com>, Robert Edmonds <edmonds@mycre.ws>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-any-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Feb 2017 22:30:01 -0000
Mark Andrews <marka@isc.org> wrote: > > We don't need any new signalling. If the answer is truncated you > set tc=1. This works with all existing clients. One of the points of minimal-any is that the answer is not truncated because you do not want clients to automatically retry over TCP. This is to handle situations where many third-party recursive servers are under attack using one of your names, so the recursive servers are hitting your authoritative servers hard. RRL does not work in this case, because the clients are legitimate recursive servers. You want to give them an answer asap, that they can cache without hitting TCP. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ - I xn-- zr8h punycode
- [DNSOP] I-D Action: draft-ietf-dnsop-refuse-any-0… internet-drafts
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Ólafur Guðmundsson
- [DNSOP] Review of draft [draft-ietf-dnsop-refuse-… Woodworth, John R
- Re: [DNSOP] Review of draft [draft-ietf-dnsop-ref… Ólafur Guðmundsson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Ólafur Guðmundsson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Woodworth, John R
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Tony Finch
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Tony Finch
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Robert Edmonds
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Ólafur Guðmundsson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Richard Gibson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Wessels, Duane
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Mark Andrews
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Tony Finch
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Vernon Schryver
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Mark Andrews
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Tony Finch
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Brian Dickson
- Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-a… Tony Finch