[DNSOP] DNSOP Presentation "The Camel"

tjw ietf <tjw.ietf@gmail.com> Tue, 20 March 2018 07:29 UTC

Return-Path: <tjw.ietf@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16AB6124207 for <dnsop@ietfa.amsl.com>; Tue, 20 Mar 2018 00:29:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Oj1RWXvMgfu1 for <dnsop@ietfa.amsl.com>; Tue, 20 Mar 2018 00:29:53 -0700 (PDT)
Received: from mail-wm0-x230.google.com (mail-wm0-x230.google.com [IPv6:2a00:1450:400c:c09::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E5A85120724 for <dnsop@ietf.org>; Tue, 20 Mar 2018 00:29:52 -0700 (PDT)
Received: by mail-wm0-x230.google.com with SMTP id t7so1356074wmh.5 for <dnsop@ietf.org>; Tue, 20 Mar 2018 00:29:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=MslvjBv69JlL8OMIdwTchLApSQ1uj48gXGugH4z4VlQ=; b=X6BqP9/Q5PUmiuTh3kbqlpNeXbhxLIrckpKeBT4pmH/zzHai3IunGNQEWEBogK3O9I WQhwAcI8AS+q39AorLzSYXrmwDmx2rhJakcsHuOsuIVzgb2t1W9/uZukz3Cxhs5m3T7N NJkwXITN/d0a8VmP7VZBUcPedUH6XKhZL9F2ZOomc62owmyy8OGWsKdqVowgXgrxhDpP t8exlv9ytusrtrjkQmzDgvv1IbWncTmarE/Z8ITDIN+zzVO1U5e5U0dh88ETyu1WXSom lWRD+GNuZRUuN2Gp3Tme3kX3W58/RLAEPeju2SlD9attZamSjZeSNsgt4yJaddxN23bF LuvA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=MslvjBv69JlL8OMIdwTchLApSQ1uj48gXGugH4z4VlQ=; b=G1BiNbKMBn2RPH3Q4i0ZRQNJEgihkwRGBa832wS/L4Q76PQX6HL2gaElvEvfPnBtJH oQuL3Wpsd4JaMWOqEiGFbTx8mcJtR4iSf4dGJzZcK6Q7inWRiFgQW/MOghVfmKJxLpBx /mABtp+o3ndDGcipiw2OV5hcFNSDf6HA3wMGeouYf6dqGA1tyEsw4NjAXg3PhsAwdcyj l18rGSl4OJ2yPyB4lfy/+BBggemCnrTfWeMaQViKtqxlw9kzR6CpquLtWwL5QJVqtMbS 8pQ+dFIUuNnUY5StJdeCYjSkjy2VYhVxMHucx662XMG3y/tz2aDZ6yPpvH9nrAtoPITx Xo6w==
X-Gm-Message-State: AElRT7EuoyDgTZUxstxbjTsgUR+Z9qSVNazgd708SEbIbaobhHv9K1gy 8HWkBu84cMx4vD/7eGl64euJ+hAiipTkZwss9awOARmr
X-Google-Smtp-Source: AG47ELv3pPhWx1T6Tly0VtFsHlZY2S24BiQazVj7BBqgvQPvE/Xk0tUNWJYsgI7eCpMihegch2GglWpqkVwjRXJUWFU=
X-Received: by 10.28.36.134 with SMTP id k128mr1275603wmk.2.1521530991329; Tue, 20 Mar 2018 00:29:51 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.154.52 with HTTP; Tue, 20 Mar 2018 00:29:50 -0700 (PDT)
From: tjw ietf <tjw.ietf@gmail.com>
Date: Tue, 20 Mar 2018 07:29:50 +0000
Message-ID: <CADyWQ+GK9kkkPAHUy1ZNV1NhK_hsQcedmi17UJqb6ZKtwHA3FQ@mail.gmail.com>
To: dnsop <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="001a1147dcb640c9eb0567d30aad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/G3f4RzzuDFZdz69gdbJgFX5pvbY>
Subject: [DNSOP] DNSOP Presentation "The Camel"
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Mar 2018 07:29:55 -0000

All

At the end of Tuesday's session we're having Bert Hubert from Power DNS
give a talk on what he views "The Camel".   He sent us a short abstract:


"In past years, DNS has been enhanced with DNSSEC, QName Minimization, EDNS
Client Subnet and in-band key provisioning through magic record types.  It
is now also seeing work on 'DNS Stateful Operations', XPF, ANAME (ALIAS),
resolver/client encryption, resolver/authoritative encryption & KSK
signalling/rollovers.
Each of these features interacts with all the others. Every addition
therefore causes a further combinatorial explosion in complexity.
Up to now, the increase in DNS complexity (mostly driven by DNSSEC) has been
made possible by the huge pool of programming talent, mostly in the open
source world.
This presentation sets out, with examples, how innoccuous features
contribute
to the combinatorial rise of complexity, and how we might ponder thinking
twice before loading up this camel further."



https://datatracker.ietf.org/meeting/101/materials/slides-101-dnsop-sessa-the-dns-camel-00

Now, before everyone jumps into the deep end here, we suggest one read RFC
8324, published February of this year https://tools.ietf.org/html/rfc8324 by
John Klensin.   John discusses very similar subject matter. Bert's talk has
a more "operational" focus, which is what caught this chair's eye (since
many in the WG worry about operational issues).  I believe the authors
would agree they are complementary in nature.

(If I am incorrect, the authors are free to castigate me)

thanks
Tim