Re: [DNSOP] I-D Action: draft-ietf-dnsop-serve-stale-06.txt

Warren Kumari <warren@kumari.net> Thu, 08 August 2019 22:20 UTC

From: Warren Kumari <warren@kumari.net>
Date: Thu, 08 Aug 2019 18:19:20 -0400
Message-ID: <CAHw9_iKnuCvWN=bxGpPWeX0hN-Yf2DWWvK=L3Uh_L5Xauv-s-A@mail.gmail.com>
To: dnsop <dnsop@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Nd6d-kwFoUcep0o5gnx7BuefSzY>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-serve-stale-06.txt

This version addresses comments received during WGLC.  The authors
have been trying to be diligent about addressing comments as they come
in (both on-list, and some in in-person conversations), and so there
weren't very many outstanding issues.
There are also implementations, and so experience showing that the
concept / solution works.
W

On Thu, Aug 8, 2019 at 6:07 PM <internet-drafts@ietf.org> wrote:
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Domain Name System Operations WG of the IETF.
>
>         Title           : Serving Stale Data to Improve DNS Resiliency
>         Authors         : David C Lawrence
>                           Warren "Ace" Kumari
>                           Puneet Sood
>         Filename        : draft-ietf-dnsop-serve-stale-06.txt
>         Pages           : 12
>         Date            : 2019-08-08
>
> Abstract:
>    This draft defines a method (serve-stale) for recursive resolvers to
>    use stale DNS data to avoid outages when authoritative nameservers
>    cannot be reached to refresh expired data.  It updates the definition
>    of TTL from [RFC1034], [RFC1035], and [RFC2181] to make it clear that
>    data can be kept in the cache beyond the TTL expiry and used for
>    responses when a refreshed answer is not readily available.  One of
>    the motivations for serve-stale is to make the DNS more resilient to
>    DoS attacks, and thereby make them less attractive as an attack
>    vector.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-dnsop-serve-stale/
>
> There are also htmlized versions available at:
> https://tools.ietf.org/html/draft-ietf-dnsop-serve-stale-06
> https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-serve-stale-06
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-serve-stale-06
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf