Re: [DNSOP] DNSOP Digest, Vol 122, Issue 9
Richard Gibson <rgibson@dyn.com> Fri, 06 January 2017 22:20 UTC
Return-Path: <rgibson@dyn.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 695AE12948D for <dnsop@ietfa.amsl.com>; Fri, 6 Jan 2017 14:20:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.44
X-Spam-Level:
X-Spam-Status: No, score=-2.44 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dyn.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9Y4tDE_oc-Jk for <dnsop@ietfa.amsl.com>; Fri, 6 Jan 2017 14:20:42 -0800 (PST)
Received: from mail-vk0-x245.google.com (mail-vk0-x245.google.com [IPv6:2607:f8b0:400c:c05::245]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3F4DD129487 for <dnsop@ietf.org>; Fri, 6 Jan 2017 14:20:42 -0800 (PST)
Received: by mail-vk0-x245.google.com with SMTP id 19so269855487vko.0 for <dnsop@ietf.org>; Fri, 06 Jan 2017 14:20:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dyn.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=O9WxDG1/7ZFB+JwzBNmZ/AS0wT80jPd6zjwl2aSdSeA=; b=eTOSZRJBTD6mxkgG8LGNY4aTR0nsnvY45qH3grGW3ujLSo6TzE1gHuOnhAsb0BzgN+ iekiE7GToOTs9QAi1Jcxjr7r44yZOSN7j/XGp4oh7QCJ1f6GJU3vMeUTm0v+8oqh0VRs qouFqF5/jUQXO8V8FKza3WYsaEPZx2BTRDF6Y=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=O9WxDG1/7ZFB+JwzBNmZ/AS0wT80jPd6zjwl2aSdSeA=; b=NjnIFcMFMcu/wpudMUvSQe07uCSW/rkRVF748YRgG/9J/j/4Ug3ZM+4F1wdWQdC0lO OfYB1sW4d5bTPHqDVpAqZUx3Lx/Fi5bSp4iF+driBG+/UY2y4t+KCBlXKukg8LswKNDH ZK4tL/+uiHPlddlc1QTuxoLSAvBLCdosCaXzVQHFBGjLvBOxqD7zGuolCIPSmd2AvnjB Um7S1rqwo7LO0AGVikjxIkKlcY9p1vVGcZ/cHhiceBNEfsYkPmFs/CeiXeT7t+3Wh0zX QANZEXVZEz+2Awc9Z5MtZnDFQUwfCmiwfmoFqh3x+jjvGPy+mD68TAwaaqpRs8n+vDD/ 9DJA==
X-Gm-Message-State: AIkVDXI/7xfA7+Eim7GXXatZX2KXLbKqXH+qi4AO+1B5u9pzlO1N1MSObGIAXfa4sja8TWtqV9GthZ2/PpoJwGFa
X-Received: by 10.176.4.22 with SMTP id 22mr58977845uav.16.1483741241006; Fri, 06 Jan 2017 14:20:41 -0800 (PST)
MIME-Version: 1.0
Received: by 10.176.5.131 with HTTP; Fri, 6 Jan 2017 14:20:20 -0800 (PST)
In-Reply-To: <mailman.1805.1483731727.3886.dnsop@ietf.org>
References: <mailman.1805.1483731727.3886.dnsop@ietf.org>
From: Richard Gibson <rgibson@dyn.com>
Date: Fri, 06 Jan 2017 17:20:20 -0500
Message-ID: <CAC94RYapsFgA=QZf83mdR+TeXy3Y+hGBXjOY86tb2dn6SV_hcQ@mail.gmail.com>
To: dnsop@ietf.org
Content-Type: multipart/alternative; boundary="94eb2c05b0509c04f70545746d52"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/CSI5CzPSXN7tCylGbdU1z5S-Syo>
Subject: Re: [DNSOP] DNSOP Digest, Vol 122, Issue 9
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jan 2017 22:20:44 -0000
On Fri, 6 Jan 2017 13:01:10 -0500, Robert Edmonds <edmonds@mycre.ws> wrote: > It can be rev'd in the same document that introduces a DNS address RR > for that address family :-) > Why not use Address Family <http://www.iana.org/assignments/address-family-numbers/address-family-numbers.xhtml> like EDNS Client Subnet <https://tools.ietf.org/html/rfc7871#section-6>? But for that matter... On Fri, 6 Jan 2017 18:43:30 +0000, "Wessels, Duane" <dwessels@verisign.com > wrote: > It is of course quite similar to EDNS client subnet, except that there is > no masking and the client cannot opt-out. Might be worth saying in your > document why EDNS client subnet wouldn't work for this purpose. > Why *wouldn't* ECS work for this? If the idea is to expose everything obscured by a proxy (e.g., for backend logging), then the option data should include quite a bit more than an address—at minimum, a protocol number <http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml> for differentiating UDP/TCP, the original OPT CLASS (UDP payload size) and flags (including DO), and a flag indicating presence or absence of an OPT record in the original query. You might also want to include the port and id from the original query (for direct response) and/or allow arbitrary data after the address (for communicating installation-specific metadata).
- Re: [DNSOP] DNSOP Digest, Vol 122, Issue 9 Richard Gibson
- Re: [DNSOP] DNSOP Digest, Vol 122, Issue 9 Wessels, Duane
- Re: [DNSOP] DNSOP Digest, Vol 122, Issue 9 Ray Bellis