Re: [DNSOP] Updated draft-hoffman-dns-in-json

George Michaelson <> Wed, 21 September 2016 22:15 UTC


I really like this document. I particularly like that it explicitly
addresses how the JSON format it uses can represent *malformed* DNS
state, as seen on the wire. This is very important, because some
canonicalize-and-map-the-DNS efforts I've seen have focussed on
well-formed packets, and this one stands out as saying "no, we have to
be able to represent incorrect state, because that exists on the wire,
and we need to show it sometimes".

It has multiple encoding possibilities for the DNS RR. I'm a little
confused what difference it makes, that you'd want 'all the things'
here. If the argument is 'long crypto hashes are better done as
base64' then why do we have the hex at all? Is that to preserve
bit-field legibility for instance? Or, to encode unintelligible
off-the-wire sequences which present as a valid RR but you can't
decompose into their constituents? Maybe it's just a little guidance
on when you'd see the hex being used, rather than B64?

Do you need to be explicit that transform through this JSON would
permit re-emission of the wire content onto a network, and have the
packets function? Is that even a goal? The streaming reference sort-of
made me think this might be a goal, but it wasn't explicit to me in a
cursory reading.

I think this is a good document. I think it's close to baked for me.


On Thu, Sep 22, 2016 at 6:47 AM, Paul Hoffman <> wrote:
> Greetings. Based on the recent discussion on the DNSOP mailing list (noting again that this is not a WG work item!), I have updated draft-hoffman-dns-in-json. I still plan to send this to the ISE for Experimental in about two weeks, and am happy to make more changes before then (or after, based on the ISE review).
> --Paul Hoffman
>> A new version of I-D, draft-hoffman-dns-in-json-08.txt
>> has been successfully submitted by Paul Hoffman and posted to the
>> IETF repository.
>> Name:         draft-hoffman-dns-in-json
>> Revision:     08
>> Title:                Representing DNS Messages in JSON
>> Document date:        2016-09-21
>> Group:                Individual Submission
>> Pages:                13
>> URL:  
>> Status:
>> Htmlized:
>> Diff: 
>> Abstract:
>>   Some applications use DNS messages, or parts of DNS messages, as
>>   data.  For example, a system that captures DNS queries and responses
>>   might want to be able to easily search those without having to decode
>>   the messages each time.  Another example is a system that puts
>>   together DNS queries and responses from message parts.  This document
>>   describes a standardized format for DNS message data in JSON.
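
The point raised in the message about malformed wire state and re-emission, as an added example that is not part of the original message or of the draft: a record whose RDATA cannot be decomposed is kept as raw hex, so the JSON converts back to the captured octets byte for byte. The key names (`rdata_a`, `rdata_hex`, `rdlength` and the rest) are hypothetical and are not the draft's field names; the sketch handles a single resource record with an uncompressed ASCII name, and the sample records are constructed.

```python
import ipaddress
import json
import struct

def read_name(buf, off):
    """Read an uncompressed domain name; return (labels, next_offset)."""
    labels = []
    while True:
        n = buf[off]
        off += 1
        if n == 0:
            return labels, off
        if n > 63:
            raise ValueError("compression pointers are not handled in this sketch")
        labels.append(buf[off:off + n].decode("ascii"))
        off += n

def rr_to_json(wire):
    """Decode one resource record into a JSON-ready dict (hypothetical keys)."""
    labels, off = read_name(wire, 0)
    rtype, rclass, ttl, rdlength = struct.unpack_from("!HHIH", wire, off)
    rdata = wire[off + 10:]
    rr = {"name": ".".join(labels) + ".", "type": rtype, "class": rclass,
          "ttl": ttl, "rdlength": rdlength}
    if rtype == 1 and rdlength == 4 and len(rdata) == 4:
        rr["rdata_a"] = str(ipaddress.IPv4Address(rdata))  # well-formed A record
    else:
        rr["rdata_hex"] = rdata.hex()  # not decomposable: keep octets as captured
    return rr

def json_to_rr(rr):
    """Re-emit wire octets from the dict produced by rr_to_json."""
    labels = [l for l in rr["name"].split(".") if l]
    name = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    if "rdata_a" in rr:
        rdata = ipaddress.IPv4Address(rr["rdata_a"]).packed
    else:
        rdata = bytes.fromhex(rr["rdata_hex"])
    # rdlength is written as recorded, not recomputed, so a wrong length survives.
    header = struct.pack("!HHIH", rr["type"], rr["class"], rr["ttl"], rr["rdlength"])
    return name + header + rdata

# Constructed samples: a valid A record, and one whose RDATA is one octet short.
NAME = b"\x07example\x03com\x00"
GOOD_A = NAME + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
BAD_A = NAME + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2])

def round_trip(wire):
    """Wire -> JSON text -> dict -> wire; returns (dict, re-emitted octets)."""
    doc = json.loads(json.dumps(rr_to_json(wire)))
    return doc, json_to_rr(doc)
```

A converter that recomputed `rdlength` or refused the short record would silently normalise the capture, which is the loss of on-the-wire evidence the message warns about.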