IETF Logo Mail Archive

Re: [DNSOP] Clarifying referrals (#35)

"Wessels, Duane" <dwessels@verisign.com> Tue, 16 January 2018 22:09 UTC

Return-Path: <dwessels@verisign.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 027BB12EB54 for <dnsop@ietfa.amsl.com>; Tue, 16 Jan 2018 14:09:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.711
X-Spam-Level:
X-Spam-Status: No, score=-2.711 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KOESg1yoaOYO for <dnsop@ietfa.amsl.com>; Tue, 16 Jan 2018 14:09:15 -0800 (PST)
Received: from mail2.verisign.com (mail2.verisign.com [72.13.63.31]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BC48A12EB42 for <dnsop@ietf.org>; Tue, 16 Jan 2018 14:09:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=491; q=dns/txt; s=VRSN; t=1516140554; h=from:to:cc:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version:subject; bh=MZhVTwdeGoRO0gOIFWXV6h/OUy19uV5UpFH0bEMvXZg=; b=QFvV54i3RyNq+6OC54Uf6eM92kv8NUsVsC6hNsRtGHncRK0hcE7aTpFD GFCA0DHPy74gT7g9AfsUC3zBL6ZVL0nXVVjIPGdrfm7BVcahc5jRYmEPr uumTrTXLmTppsWARYWKHq2iy1V1W1/jdYGMpSTQt4EKkRYSbs/WnkhhJB DTjuE5ZGoY/YzRrucCU1N+536QujDKxFyk69d0UdGx/BlhoWqi/6KSQgP /iV8zRV0W39nvJJRNA4gqEM1JtefnKN+w3o4roWqKYmqyRCa/QOzJt+8k +8kJ0IHggme7w7mbFe6KGZISsM+duoLDymA6WqB0vQolp28s3eCaLv3EB w==;
X-IronPort-AV: E=Sophos;i="5.46,369,1511827200"; d="scan'208";a="3440779"
IronPort-PHdr: 9a23:+/VcOBDMkPLIa4WRXWZLUyQJP3N1i/DPJgcQr6AfoPdwSPT/oMbcNUDSrc9gkEXOFd2Cra4c0qyO6+jJYi8p2d65qncMcZhBBVcuqP49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tL1LdrWev4jEMBx7xKRR6JvjvGo7Vks+7y/2+94fcbglUmTaxe69+IAmrpgjNq8cahpdvJLwswRXTuHtIfOpWxWJsJV2Nmhv3+9m98p1+/SlOovwt78FPX7n0cKQ+VrxYES8pM3sp683xtBnMVhWA630BWWgLiBVIAgzF7BbnXpfttybxq+Rw1DWGMcDwULs5Xymp4aV2Rx/ykCoJNyA3/nzLisJ+j6xbrhCupx1jzIDbb46YL+Z+frrYfd8GWWZNQthdWipcCY28dYsPCO8BMP5Wo4b9uVQOtgC+CheoBOP00jNDm3H43bAg3OQnDw7K0hErEtUTv3Xastr1L7wSXv6xzKnT1jjDce1Z2S386IjTcxAhrveMUahsfsrWzEkiDgXIhUiTp4z9Jz6Zy/gBv3KG4+diW++jkXMrpgF/rzS12MshhYbEipoIxlzY7yl13YQ4KNOiREJmYdOoDoFcui6cOoBrWM0tWXtotzw/yrAevJ67ezUFx4o/yh7EbvyHb5CI4hX+VOaNOTt4hGxqeLa4hxuq6keg0Ov8WtSw0FdFqypKiNjMtnQK1xzO9siLVuZx8l2/2TmRzQDT6/pEIUE7lardMZIu3rkwlp8LvUTCGC/5hln2gbeLekk44OSk9ubqb7v8qpOBN4J5hBvyProhl8GwGeg4NxIBX2mf+eSyzr3j+kj5Ta1Xgfw4jKbZq4vaKtofpq6iGAJVzJgs6wy+Dze90dQYkn8HIEhZdxKAiojlI0vOL+zgDfejn1Ssly9myO3APr36BZXNNmPOkLb/crZh5U5Q0g0zzcpQ55hMELEOPOrzWlPttNzfFhI2KQ60w/38Bdpn0IMeR2OPAquXMazItV+I/P8vI/KRa4ALvjbxMeQq5/nrjSxxpVhIVK+lx5YIIEulGvBnPUyfKS7lgMwpGGEUvw4hRejwlUaOXDgVbHG3CfES/DY+XciZAJzYS4S2xPStwS69E9ceMmxZB0uXHHPzX5uJQfYXaS2UZMRml2pXBvCaV4Y92ET250fBwL19I7+M9w==
X-IPAS-Result: A2F3AQAnd15a//SZrQpbGQEBAQEBAQEBAQEBAQcBAQEBAYVCB55sJxGZMQqFOwKFHxQBAQEBAQEBAQEBAoEQgjgigkoBAQEBAgE6PwULAgEIDQEKHhAyJQIEDgWKK6gciVEBAQEBAQEEAQEBAQEBAQEBAQEdiCmCEQyCeYMvBIFvg0iCNAWjXgYCl0mSEJZ4AgQLAhkBgTw2gXNvFWcBgX+EV3iLS4EXAQEB
Received: from brn1wnexcas02.vcorp.ad.vrsn.com (brn1wnexcas02 [10.173.152.206]) by brn1lxmailout01.verisign.com (8.13.8/8.13.8) with ESMTP id w0GM9Dwg013508 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 16 Jan 2018 17:09:13 -0500
Received: from BRN1WNEXMBX01.vcorp.ad.vrsn.com ([::1]) by brn1wnexcas02.vcorp.ad.vrsn.com ([::1]) with mapi id 14.03.0301.000; Tue, 16 Jan 2018 17:09:15 -0500
From: "Wessels, Duane" <dwessels@verisign.com>
To: Andrew Sullivan <ajs@anvilwalrusden.com>
CC: "dnsop@ietf.org" <dnsop@ietf.org>
Thread-Topic: [EXTERNAL] [DNSOP] Clarifying referrals (#35)
Thread-Index: AQHTjxas4IxmDd6Z8EqQgM81MovgRw==
Date: Tue, 16 Jan 2018 22:09:28 +0000
Message-ID: <FF475DE0-D56E-4D66-9447-2F3C1C2C672B@verisign.com>
References: <20171112075445.tf2ut5dxzhhnqe7l@mx4.yitter.info> <20180115213920.ukw3wxxdarapzfop@mx4.yitter.info>
In-Reply-To: <20180115213920.ukw3wxxdarapzfop@mx4.yitter.info>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.173.152.4]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <8B3C85271F91B74BAF80726A9D8F8068@verisign.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/WJwcOvdCH3cWwqty1ti6nWoyTP8>
Subject: Re: [DNSOP] Clarifying referrals (#35)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jan 2018 22:09:16 -0000

> On Jan 15, 2018, at 4:39 PM, Andrew Sullivan <ajs@anvilwalrusden.com> wrote:
> 
> Some people regard upward referrals as a sign
>      of a misconfiguration or error.

Perhaps worth also noting that some people consider upward referrals harmful because they enable amplification attacks?

Of course there are more effective amplification-type responses, but nonetheless the size of the referral is larger than the size of the query and the size of a REFUSED.

DW

v2.23.0 | Report a Bug | By Email