IETF Logo Mail Archive

[DNSOP] Re: Introducing Relative Label for DNS

Mukund Sivaraman <muks@mukund.org> Mon, 22 July 2024 09:19 UTC

Return-Path: <muks@mukund.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1FF84C151065 for <dnsop@ietfa.amsl.com>; Mon, 22 Jul 2024 02:19:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.91
X-Spam-Level:
X-Spam-Status: No, score=-6.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6iyT-OeL7HSO for <dnsop@ietfa.amsl.com>; Mon, 22 Jul 2024 02:19:46 -0700 (PDT)
Received: from mx.mukund.org (mx.mukund.org [IPv6:2a01:4f8:13a:28c1:1::d8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C73E1C14F702 for <dnsop@ietf.org>; Mon, 22 Jul 2024 02:19:46 -0700 (PDT)
Date: Mon, 22 Jul 2024 17:19:39 +0800
From: Mukund Sivaraman <muks@mukund.org>
To: Ben <ben=40yocto.com@dmarc.ietf.org>
Message-ID: <Zp4kK5Ad39SLkJo2@w2>
References: <32cb827b0875605f8fbf47ccae1d4a9c@yocto.com> <690B1EDE-7DCF-4E33-9688-97295F9D842D@gmail.com> <0dc78e99117e369d6d617b937495d722@yocto.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="vi78jPbf4oDlmxhw"
Content-Disposition: inline
In-Reply-To: <0dc78e99117e369d6d617b937495d722@yocto.com>
Message-ID-Hash: VPWZDYPHZJHRVZ555XE62GCGN6OFS7P3
X-Message-ID-Hash: VPWZDYPHZJHRVZ555XE62GCGN6OFS7P3
X-MailFrom: muks@mukund.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnsop.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: dnsop@ietf.org
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [DNSOP] Re: Introducing Relative Label for DNS
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/H5c9r3c1WLEw0hWogBVx7-g_LT0>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Owner: <mailto:dnsop-owner@ietf.org>
List-Post: <mailto:dnsop@ietf.org>
List-Subscribe: <mailto:dnsop-join@ietf.org>
List-Unsubscribe: <mailto:dnsop-leave@ietf.org>

Hi Ben

I've read through the draft quickly. While I don't want you to feel
discouraged, I have a negative opinion of this idea.

(a) This draft is a little confusing without making assumptions. It
should clearly mention that the relative labels are for name
representation in DNS messages. The draft also doesn't appear to mention
relative to what other item in the message. We have such a facility
already by means of a name compression pointer.

(b) RFC 2671 is obsolete, and you should read the introduction and
section 5 in RFC 6891 about the practial problems in using extended
label types (and what happened with bit-string labels). Think of the
amount of change in deployed implementations that would be required if
the concept you're proposing has to work.

(c) Given the burden of DNS (and as you are an implementor, you must be
well aware of it), it is also pertinent to ask whether the DNS
absolutely needs a new idea to work or deliver, i.e., can we do without
it? At best, the concept you are proposing is a minor optimization. Name
pointers already compress superdomain names in owner names and names in
RDATA of RFC 1035 types. There's no pressing "need" to avoid the
absolute name.

The draft mentions a "problem", but there is not really a problem. At
most, an implementation has to perform marginally more work with no
change in time or space complexity to generate the absolute names.

I am sorry to be negative, but please consider the above items.

On Mon, Jul 22, 2024 at 08:35:39AM +0000, Ben wrote:
> > In general, what suffix is affixed to a relative label?  In printed zone
> > files, there is the $ORIGIN directive, and dynamic update specifies a
> > zone, but those are part of use cases (and are not the same, not
> > equivalent).  I say not equivalent as dynamic update needs to know what
> > zone to edit, the value isn’t intended the same way $ORIGIN is - in a
> > zone file $ORIGIN may be redefined as desired.
> I think we should not focus to much specificly on how BIND handles things
> with $ORIGIN. I'm talking about the concept of zones in general. For

$ORIGIN is from RFC 1035, for any implementation that supports master
files. It is not a BIND-specific item.

		Mukund

v2.37.1 | Report a Bug | By Email | System Status