Re: [DNSOP] Comments on draft-ietf-dnsop-qname-minimisation
Rubens Kuhl <rubensk@nic.br> Sun, 04 January 2015 22:11 UTC
From: Rubens Kuhl <rubensk@nic.br>
Date: Sun, 04 Jan 2015 20:11:50 -0200
To: Stephane Bortzmeyer <bortzmeyer@nic.fr>
Archived-At: http://mailarchive.ietf.org/arch/msg/dnsop/XcI-vA9Gj-vx0tAz8giBU7GmjfU
Cc: "dnsop@ietf.org WG" <dnsop@ietf.org>, David Conrad <drc@virtualized.org>
Subject: Re: [DNSOP] Comments on draft-ietf-dnsop-qname-minimisation
> <t>As mentioned before, there are several ways to implement qname
> minimisation. Two main strategies are the aggressive one and the lazy
> one. In the aggressive one, the resolver only sends NS queries as long
> as it does not know the zone cuts. This is the safest, from a privacy
> point of view. The lazy way "piggybacks" on the traditional resolution
> code. It sends traditional full qnames and learn the zone cuts from
> the referrals received, then switching to NS queries. This leaks more
> data but probably requires less changes in the existing resolver
> codebase.</t>

One easy strategy could be assuming a zone cut between the root and TLDs, which is a known one, and not sending 4LD and beyond to TLD servers. This would accommodate both 2LD and 3LD delegation TLDs, without much analysis.

It would work like this:

www.janet.ac.uk
Question to root: uk
Answer from root: .uk delegated servers
Question to .uk delegated servers: janet.ac.uk
Answer from .uk delegated servers: ac.uk
Question to .ac.uk delegated servers: www.janet.ac.uk
Answer from .ac.uk delegated servers: janet.ac.uk
Question to janet.ac.uk delegated servers: www.janet.ac.uk
Answer from janet.ac.uk delegated servers: final end node

www.ja.net
Question to root: net
Answer from root: .net delegated servers
Question to .net delegated servers: www.ja.net
Answer from .net delegated servers: ja.net
Question to .ja.net delegated servers: www.ja.net
Answer from ja.net delegated servers: final end node

My guess is this would even accommodate cases such as dotless domains (like dk) and in-addr.arpa.

Rubens
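The query sequence proposed in this message, simulated as an added example (not code from the message or from the draft), with a per-server count of the labels sent beyond the zone cut that server refers to. The delegation table is constructed to match the zone cuts the message assumes, and the retry with the full qname when a shortened name has no cut below it is an assumption of this example.

```python
# Constructed delegation table with the zone cuts assumed in the message; "" is the root.
ZONE_CUTS = {"", "uk", "ac.uk", "janet.ac.uk", "net", "ja.net", "dk"}

def labels(name):
    return [l for l in name.rstrip(".").split(".") if l]

def qname_for(zone, target):
    """Name sent to the servers of `zone`: TLD only to the root,
    at most three labels to TLD servers, full qname below that."""
    parts, depth = labels(target), len(labels(zone))
    keep = 1 if depth == 0 else 3 if depth == 1 else len(parts)
    return ".".join(parts[-keep:])

def referral(zone, qname, cuts=ZONE_CUTS):
    """Closest zone cut below `zone` on the path to qname, or None if the
    servers of `zone` answer the name themselves."""
    parts = labels(qname)
    for n in range(len(labels(zone)) + 1, len(parts) + 1):
        candidate = ".".join(parts[-n:])
        if candidate in cuts:
            return candidate
    return None

def resolve(name, cuts=ZONE_CUTS):
    """Return [(zone asked, qname sent, referral received or None), ...]."""
    target, zone, trace = ".".join(labels(name)), "", []
    while True:
        q = qname_for(zone, target)
        nxt = referral(zone, q, cuts)
        trace.append((zone or ".", q, nxt))
        if nxt is None and zone and q != target:
            # Assumption: shortened name had no cut below it, retry with the full qname.
            nxt = referral(zone, target, cuts)
            trace.append((zone, target, nxt))
        if nxt is None:
            return trace
        zone = nxt

def extra_labels(trace):
    """Labels each server saw beyond the cut it referred to (privacy cost)."""
    return {zone: len(labels(q)) - len(labels(ref)) for zone, q, ref in trace if ref}

if __name__ == "__main__":
    for name in ("www.janet.ac.uk", "www.ja.net", "dk"):
        for zone, q, ref in resolve(name):
            print(f"{name}: ask {zone} for {q} -> {ref or 'final answer'}")
```

For `www.ja.net` the `.net` servers see one label more than the `ja.net` cut requires, which is the price of not probing for zone cuts below the TLD.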