Re: [DNSOP] New draft for consideration:

"Livingood, Jason" <Jason_Livingood@comcast.com> Mon, 25 March 2019 12:02 UTC

From: "Livingood, Jason" <Jason_Livingood@comcast.com>
To: dnsop <dnsop@ietf.org>
Date: Mon, 25 Mar 2019 12:02:50 +0000
Message-ID: <384D6AE7-A889-4F5E-B308-10CB028BEB93@cable.comcast.com>
References: <E2267015-0A5F-4D6E-85F0-3FA93348CA79@icann.org> <20190324133740.2c897eef@smaug.local.partim.de>
In-Reply-To: <20190324133740.2c897eef@smaug.local.partim.de>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/OKt1BgtLhCPSNvzPE1mQRRPBS3o>
Subject: Re: [DNSOP] New draft for consideration:
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>

DoT and DoH seem fine. But maybe skip the acronym for Do53 - just call it conventional DNS or unencrypted DNS, or DNS over Port 53. Compared to RDoT/ADoT/DaT/DaO however, Do53 is the least offensive IMO. 

I don’t think you do much for clarity with RDoT and ADoT - seems mostly to be used because you want more acronyms. ;-) For RDoT this is the stub/client to recursive DoT link of the lookup chain. This is client-to-recursive (C2R DoT? Ha!), whereas ADoT is the recursive server performing recursion to a series of authoritative servers - recursion-to-authoritatives (R2A DoT? Acronym overkill achieved.) So I think those need some work.

I find DaT and DaO rather confusing. I feel like you may be trying too hard on acronyms and these will become very difficult for others to understand. Really the difference is between network-assigned DNS, user-assigned DNS, and client-assigned DNS - so 3 separate primary use cases of assignment of your resolver. I would maybe focus on the difference between the manner of assignment/configuration and not worry too much (at least for now) over some sort of acronym, since it seems at this early stage of discussions that the acronym may cause more confusion than more straightforward (but longer) terms.

I think you could also add definitions for Centralised (Recursive) Do53/DoH/DoT, as well as Distributed (Recursive) Do53/DoH/DoT. This refers to how widely distributed or centralized the group of operators of the recursives are or are not. I took a stab at that definition in my draft you could work from if you wish.

Jason