Re: [DNSOP] opportunistic semi-authoritative caching (Re: DNSOP Call for Adoption - draft-tale-dnsop-serve-stale)
Evan Hunt <each@isc.org> Sat, 09 September 2017 00:32 UTC
Return-Path: <each@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA6E812422F for <dnsop@ietfa.amsl.com>; Fri, 8 Sep 2017 17:32:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XBFfxxrkHN1k for <dnsop@ietfa.amsl.com>; Fri, 8 Sep 2017 17:32:50 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E66A1201F8 for <dnsop@ietf.org>; Fri, 8 Sep 2017 17:32:50 -0700 (PDT)
Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 4E59734B990; Sat, 9 Sep 2017 00:32:48 +0000 (UTC)
Received: by bikeshed.isc.org (Postfix, from userid 10292) id 3DB1A216C1E; Sat, 9 Sep 2017 00:32:48 +0000 (UTC)
Date: Sat, 09 Sep 2017 00:32:48 +0000
From: Evan Hunt <each@isc.org>
To: Paul Vixie <paul@redbarn.org>
Cc: Joe Abley <jabley@hopcount.ca>, dnsop@ietf.org
Message-ID: <20170909003248.GD44967@isc.org>
References: <59B1F467.9010308@redbarn.org> <FAC87A99-5558-4369-ADC0-57E2B7BF0429@hopcount.ca> <8183111.Lxug4lBFgO@localhost.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <8183111.Lxug4lBFgO@localhost.localdomain>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/SgAePBuK1k3ZQfIhc6gII43_Z7U>
Subject: Re: [DNSOP] opportunistic semi-authoritative caching (Re: DNSOP Call for Adoption - draft-tale-dnsop-serve-stale)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Sep 2017 00:32:52 -0000
On Thu, Sep 07, 2017 at 10:28:30PM -0700, Paul Vixie wrote: > if they really need this, they should provide a method by which i can specify > both a TTL and an Expiry, and i will consider publishing both values, and > if i do, then they can use them the way i intend them. because as i said, > autonomy. it's my data, and my TTL. I agree, and yet, a DDoS can make your data unavailable for refresh through no fault of yours, which makes a resolver operator appear to be broken through no fault of theirs, which makes them want very much to be able to do this bad thing. So, TTL stretching goes on the pile with NXDOMAIN redirection, tools that can be used for censorship, and all the other regrettable things that we implemented anyway dammit. (I do like the idea of advertising a separate expiry value though.) -- Evan Hunt -- each@isc.org Internet Systems Consortium, Inc.
- [DNSOP] opportunistic semi-authoritative caching … Paul Vixie
- Re: [DNSOP] opportunistic semi-authoritative cach… Joe Abley
- Re: [DNSOP] opportunistic semi-authoritative cach… Paul Vixie
- Re: [DNSOP] opportunistic semi-authoritative cach… Joe Abley
- Re: [DNSOP] opportunistic semi-authoritative cach… Tony Finch
- Re: [DNSOP] opportunistic semi-authoritative cach… Paul Vixie
- Re: [DNSOP] opportunistic semi-authoritative cach… Evan Hunt
- Re: [DNSOP] opportunistic semi-authoritative cach… Paul Vixie
- Re: [DNSOP] opportunistic semi-authoritative cach… Matthew Kerwin
- Re: [DNSOP] opportunistic semi-authoritative cach… Evan Hunt
- Re: [DNSOP] opportunistic semi-authoritative cach… Paul Vixie
- Re: [DNSOP] opportunistic semi-authoritative cach… Evan Hunt
- Re: [DNSOP] opportunistic semi-authoritative cach… Paul Vixie
- Re: [DNSOP] opportunistic semi-authoritative cach… Vladimír Čunát
- Re: [DNSOP] opportunistic semi-authoritative cach… Brian Dickson