Re: [DNSOP] my lone hum against draft-wkumari-dnsop-multiple-responses

"Peter van Dijk" <peter.van.dijk@powerdns.com> Wed, 20 July 2016 12:39 UTC


Jim,

On 20 Jul 2016, at 9:18, Jim Reid wrote:

> It's a bit of a stretch to call that a suggestion and a far bigger one 
> to claim cookies and/or TCP as a necessary precondition. There's no 
> language like "clients and servers SHOULD (MUST?) use DNS 
> cookies/TCP/DNSoverTLS for EXTRA queries and responses". Well, not yet 
> anyway. Maybe in the next release.
>
> And if DNS over TLS is the answer, the overheads of that handshake 
> would more than cancel out the benefit of optimising away an extra 
> query/response RTT.
>
> FWIW, I think it's a Bad Idea and the start of a very slippery slope 
> to make queries or responses to QTYPEs dependent on the underlying 
> transport protocol (modulo AXFR of course). Are layering violations 
> acceptable nowadays?

+lots, I see mentions of TCP and/or cookies popping up in more and more 
drafts and it has to stop. Packet size concerns exist for every usage of 
DNS, and new features should not pretend they are so special that they 
deserve special treatment in this regard. Such decisions are operational 
and they don’t belong in every draft that makes packets slightly 
bigger.

Of course, when it’s obvious we need TCP-like semantics, like in the 
session draft for dnssd push, that’s fine.

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/