Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-any-04.txt

Richard Gibson <rgibson@dyn.com> Mon, 13 February 2017 17:06 UTC

Return-Path: <rgibson@dyn.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C0101296B2 for <dnsop@ietfa.amsl.com>; Mon, 13 Feb 2017 09:06:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dyn.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d8NqKpJsmp_V for <dnsop@ietfa.amsl.com>; Mon, 13 Feb 2017 09:06:36 -0800 (PST)
Received: from mail-vk0-x247.google.com (mail-vk0-x247.google.com [IPv6:2607:f8b0:400c:c05::247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A0E4128B38 for <dnsop@ietf.org>; Mon, 13 Feb 2017 09:06:36 -0800 (PST)
Received: by mail-vk0-x247.google.com with SMTP id t8so70480091vke.3 for <dnsop@ietf.org>; Mon, 13 Feb 2017 09:06:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dyn.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=wvJEGi7OsE3XWseTlrc0fMdmPP2reBU9Fs+P5P7PruY=; b=lEcTUqoIEJH/oqxm7okX6fHFNla0GKmH4INT3rnfi6zZZyN058NcjzqOhsj0yCF1TG EoMhD7sHJNWErbcELginacmtokvsumnbzBAkW5BUxHfP3Kk3Mvwbq/GBN68wW6i0zVmt teSktxF7QWg2FSIzzJGn8b2xhlWQXNYzUUR5Q=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=wvJEGi7OsE3XWseTlrc0fMdmPP2reBU9Fs+P5P7PruY=; b=IU/MIX9Ig25qj5ZrZFCYM7p64jr+j4FGSsNDsedR0CL5wpcslBGuSTd0ooYWBcQhvS qm6sSLUngrqcBwlhLSwuaxVizSSTfB6jYz8SJOop1Loc4Zs6uC5xUyG4SqfUi+sjxdGl bRYJ6VIb2wMN7PJ0UWkBbbjPtK5g6fF360x8dv/cVrxJ/l5rcSlHCoxdmbZ4Am5ErIa0 IRYK3cMJ/gRC56jUxflNmCr0oaEV3G7NYAcpziATHBvzwKGnUn98jhrT7x0kU2/HyJNX thUEOG4UQ0OTxyZfk+W/zWg36YxQj1b7bVxxKCX+iaPmeoAI7n0yu9HA4aB8wBMkHAQ5 e5tg==
X-Gm-Message-State: AMke39l6bGKOmb3W6V1qSuylIZQGpen4eMQ9iQ/nz+D3ZWhOije7/uJic0oV13EsLgl1/i6xXDxeBqf+rQuncJjv
X-Received: by 10.31.173.69 with SMTP id w66mr11758412vke.127.1487005595145; Mon, 13 Feb 2017 09:06:35 -0800 (PST)
MIME-Version: 1.0
Received: by 10.176.5.131 with HTTP; Mon, 13 Feb 2017 09:06:14 -0800 (PST)
In-Reply-To: <alpine.DEB.2.11.1702131642360.23062@grey.csi.cam.ac.uk>
References: <148661979638.4286.4234665114055399732.idtracker@ietfa.amsl.com> <CAC94RYZM+KMS2c3CVx=8Q005XYGQqNRv--23H7_aTpuY05tEMQ@mail.gmail.com> <CAN6NTqy9_jKXT4Fc9KhmcW7Fq6DTiU2HmzBoWn+YA1fALOh5zA@mail.gmail.com> <CAC94RYYhV0ye252bLNSGPmqQhdZ772AkaJ7us86X1j4nppsWDg@mail.gmail.com> <alpine.DEB.2.11.1702131258580.23062@grey.csi.cam.ac.uk> <CAC94RYbSkp2h_jOBgmrP3oZouSigPp9xPVxoKxkYft55qMyiZQ@mail.gmail.com> <alpine.DEB.2.11.1702131642360.23062@grey.csi.cam.ac.uk>
From: Richard Gibson <rgibson@dyn.com>
Date: Mon, 13 Feb 2017 12:06:14 -0500
Message-ID: <CAC94RYZSLzv=SDMxXTh2ZWZJUbG0AtMhmO62ynCpg-WO8XJcYg@mail.gmail.com>
To: Tony Finch <dot@dotat.at>
Content-Type: multipart/alternative; boundary=001a1143fcd2472aa005486c7811
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/aNQfhDifeRCfFiVvUPRIWNZo6d8>
Cc: =?UTF-8?B?w5NsYWZ1ciBHdcOwbXVuZHNzb24=?= <olafur@cloudflare.com>, dnsop <dnsop@ietf.org>
Subject: Re: [DNSOP] I-D Action: draft-ietf-dnsop-refuse-any-04.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Feb 2017 17:06:37 -0000

On Mon, Feb 13, 2017 at 11:46 AM, Tony Finch <dot@dotat.at> wrote:

> OK. But does an EDNS flag help? What if you are using old tools?


If you are using old tools, then you don't get new conveniences (the same
is true of using OPT class to specify a maximum payload size exceeding 512
bytes, using the DO bit to request DNSSEC records, and using the COOKIE
option for authentication). But a flag would still be there, conveying
information even if any given client or tool isn't looking for it.