Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more down the naming rathole.

Joe Abley <jabley@hopcount.ca> Thu, 22 February 2018 15:05 UTC

Return-Path: <jabley@hopcount.ca>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82627127136 for <dnsop@ietfa.amsl.com>; Thu, 22 Feb 2018 07:05:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=hopcount.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QjWKGDTSFklH for <dnsop@ietfa.amsl.com>; Thu, 22 Feb 2018 07:05:52 -0800 (PST)
Received: from mail-yw0-x22b.google.com (mail-yw0-x22b.google.com [IPv6:2607:f8b0:4002:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B9B31241F3 for <dnsop@ietf.org>; Thu, 22 Feb 2018 07:05:52 -0800 (PST)
Received: by mail-yw0-x22b.google.com with SMTP id x197so1511450ywg.11 for <dnsop@ietf.org>; Thu, 22 Feb 2018 07:05:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hopcount.ca; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=IFyguUrma+lozQSiRZTxNM4vn3J8jeoAo06EjrhzHbE=; b=GBgLsvbHzHKRoudRcJktJmcetwNvf4Do4P7mwWi9avj0SmfVQzhMSYBdfLsbY8S9g6 klwd/HQTKMTQ86V3SoSpyikkVtQYKf3HvtHqFbQgS7Jz9akNfwzBhrfNpNFcyyO5ITh1 cnB4Qn+1rD4TR31gtUB6IHNLIMxvDTMALdj+Y=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=IFyguUrma+lozQSiRZTxNM4vn3J8jeoAo06EjrhzHbE=; b=dKHzY+0rSDY4crcHvO4v7nEVpepaGZqXql049mHD4UlMGCZaTxu4T4bfYJL5Q9RUCm 6gegCCuBf2tVoCgAwu51GUjb/dUCLLqFiIASQYjsFMO7/mVnspfaahNk+yZWJoYLXtIQ TqZcry04y4gNQKHiJWWaxruDgPBNlZwSOWVdfJWqUAXS9RqQKpZHjmQXBHwRcWPg7Til YYCcrHQnidka7irzz3nNI7PaQ7TKlfi6lWK2dOpHbqdcMdBugogILydwvrQL+iy2xfHM fmL6ya3HBr5Ao+kiz7FeUclXDtIDfAPVR+XNMk3qqE91FDHtMaKV08UPDQFTcGMgtM3Y TJqw==
X-Gm-Message-State: APf1xPAuruhoQZeTY1Ssie9q5ZWSgTmKSxyLj8CcwVldOf3LwwCd2O3j TCGQLlI7CLluY2nvcxOOl6dcfKCd5OU=
X-Google-Smtp-Source: AH8x226YcDsnSsZvMn843YIRK4lTdyaKP5851ov/5NquqsVbbVwKki45DvFER65/+RJmdXrvOYlTtg==
X-Received: by 10.13.220.195 with SMTP id f186mr4819914ywe.99.1519311951450; Thu, 22 Feb 2018 07:05:51 -0800 (PST)
Received: from ?IPv6:2607:f2c0:101:3:e461:b96:cad7:8f8b? ([2607:f2c0:101:3:e461:b96:cad7:8f8b]) by smtp.gmail.com with ESMTPSA id b6sm101174ywd.73.2018.02.22.07.05.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 22 Feb 2018 07:05:49 -0800 (PST)
From: Joe Abley <jabley@hopcount.ca>
Message-Id: <D4FE4AAE-237A-4B02-AADE-9F73D202747D@hopcount.ca>
Content-Type: multipart/signed; boundary="Apple-Mail=_67761B8B-7221-4848-8FDE-9A370F40F176"; protocol="application/pgp-signature"; micalg=pgp-sha1
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Date: Thu, 22 Feb 2018 10:05:47 -0500
In-Reply-To: <c827ef3c-1e42-afe2-69f7-ccbbec34ecf8@nic.cz>
Cc: dnsop@ietf.org
To: =?utf-8?B?UGV0ciDFoHBhxI1law==?= <petr.spacek@nic.cz>
References: <CAHw9_iLqEerV-So7704qu7A2mbD6YQbzdF8A3FEGtUPOE+6NWw@mail.gmail.com> <DC8845C9-6329-4A02-97F9-45C991726F71@vpnc.org> <CA+nkc8D6zbVMJmntTtEub0iLSB=3Qf8khMu6VibOGrDM55oXpA@mail.gmail.com> <CAJhMdTPLdVVFCdRTzr9B3sZKGcf0D2pw6C80+V18GqX_=K-2ag@mail.gmail.com> <41098C27-BA7F-4B47-9C97-6536CD353665@verisign.com> <8632B472-F466-4E1F-827D-549167B51DA1@icann.org> <3478d544-ebef-3af3-7e8d-19804199fc0c@nic.cz> <CAJhMdTN+TBHyr-RbLUscxKLR364bhcVYi=s1DUgLJhKvNFzNiw@mail.gmail.com> <c827ef3c-1e42-afe2-69f7-ccbbec34ecf8@nic.cz>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/LO3STHR9usx9cIFDGlSfoyk4AbU>
Subject: Re: [DNSOP] [Ext] Re: KSK-Sentinal: Once more down the naming rathole.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Feb 2018 15:05:53 -0000

On 22 Feb 2018, at 06:20, Petr Špaček <petr.spacek@nic.cz> wrote:

> On 22.2.2018 11:38, Joe Abley wrote:
> 
>> A few people now have mentioned that they like zero padding. What is
>> it about zero padding or fixed-size labels that makes implementation
>> easier than specifying no zero padding?
> 
> It is important to note that this 'special label trigger' is not seen
> anywhere else in DNS, so this is first piece of code which has to match
> DNS labels in the 'hot path'.
> 
> I think it is a good and easy optimization to minimize use of
> regexes/string matching in the hot path, and simple condidion
> if (label_len == X || label_len == Y)
> before the heavy-weight pattern matching will reduce frequency of regex
> use significantly.

You could use the simple condition (X < label_len < Y) in the same way without zero-padding and I suspect get a similar benefit.

Really, so long as the format is standardised I don't think it matters much. It's not like we're going to see a significant number of experiments of this kind; more like a small flurry of Duane/Geoff action once every five years. [*]

But I think mandatory zero-padding is ugly, and it does make me a little bit sad. :-)


Joe

[*] perhaps try not to dwell too long on the phrase "Duane/Geoff action"