IETF Logo Mail Archive

Re: [DNSOP] HTTPS and SVBC key names.

Mark Andrews <marka@isc.org> Wed, 22 July 2020 20:54 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D1E73A09A5 for <dnsop@ietfa.amsl.com>; Wed, 22 Jul 2020 13:54:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y6S6bI9RRmF5 for <dnsop@ietfa.amsl.com>; Wed, 22 Jul 2020 13:54:50 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 047F23A0999 for <dnsop@ietf.org>; Wed, 22 Jul 2020 13:54:49 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id C05853AB00B; Wed, 22 Jul 2020 20:54:48 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id AFCE3160051; Wed, 22 Jul 2020 20:54:48 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 9B19A160069; Wed, 22 Jul 2020 20:54:48 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id XjPzK2OXFyXg; Wed, 22 Jul 2020 20:54:48 +0000 (UTC)
Received: from [172.30.42.89] (unknown [49.2.101.160]) by zmx1.isc.org (Postfix) with ESMTPSA id 2BB0B160051; Wed, 22 Jul 2020 20:54:48 +0000 (UTC)
Content-Type: multipart/alternative; boundary="Apple-Mail-405B89BC-739D-4F4E-B2C1-341BFB75BB29"
Content-Transfer-Encoding: 7bit
From: Mark Andrews <marka@isc.org>
Mime-Version: 1.0 (1.0)
Date: Thu, 23 Jul 2020 06:54:44 +1000
Message-Id: <FAF54C27-5B9D-43C1-8829-4E13DED0F8A6@isc.org>
References: <CAKW6Ri7v2=T_HRSAkR1KzMX8ZYHpu3OwwSH7jY6tQyz=ba_67w@mail.gmail.com>
Cc: Ben Schwartz <bemasc@google.com>, dnsop WG <dnsop@ietf.org>
In-Reply-To: <CAKW6Ri7v2=T_HRSAkR1KzMX8ZYHpu3OwwSH7jY6tQyz=ba_67w@mail.gmail.com>
To: Dick Franks <rwfranks@gmail.com>
X-Mailer: iPhone Mail (17F80)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/ZJ-o9_FGdEyTRZ-rfUttbF3xjFw>
Subject: Re: [DNSOP] HTTPS and SVBC key names.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2020 20:54:53 -0000

On a EBCDIC system you  need to run the record through ASCII / EBCDIC conversion for display purposes after converting from wire to ASCII. Those values that are not transformable use \DDD for, curly braces if I’m remembering  properly. Remember the presentation format is defined in terms of ASCII for its conversion to wire in DNS.

Presenting everything as \DDD is doing a disservice to your EBCDIC users.
-- 
Mark Andrews

> On 23 Jul 2020, at 03:27, Dick Franks <rwfranks@gmail.com> wrote:
> 
> 
> 
>> On Tue, 21 Jul 2020 at 00:25, Mark Andrews <marka@isc.org> wrote:
>> 
>>  
>> > IMHO, tarted up RFC3597 format is easier to read. 
>> 
>> Well the presentation form clearly is designed for printable ASCII to be rendered as ASCII.
> 
> Except for the inconvenient fact that Net::DNS also works on OS390 which speaks EBCDIC. 
> 
> 
>> > Example:
>> > 
>> >     use Net::DNS;
>> > 
>> >     my $rr = new Net::DNS::RR <<'END';
>> >     example.net.        300     IN      HTTPS   1 target.example.net.
>> >         mandatory=key0,key1,alpn,no-default-alpn,key99  ; with duplications and other sins
>> >         alpn=h3-29,h3-28,h3-27,h2
>> >         ...
>  
>> Which is a interesting conversion of "mandatory=key0,key1,alpn,no-default-alpn,key99”. I would expect the parser to reject the record as mandatory contains “key0” in the list.  I would also expect the parser to reject the record as there is no “key99” in the record.  I would never expect the parser to strip out keys listed in mandatory just because they are not present in the rest of the record.
> 
> Good idea.
> I was only raising these exceptions on received packets, but the same tests are reasonable for freshly created RR.
> 
> --Dick

v2.23.0 | Report a Bug | By Email