Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-svcb-https-05.txt

Mark Andrews <marka@isc.org> Thu, 13 May 2021 01:16 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27AA63A1EC2 for <dnsop@ietfa.amsl.com>; Wed, 12 May 2021 18:16:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isc.org header.b=pPcPHIsf; dkim=pass (1024-bit key) header.d=isc.org header.b=OgKABYZ0
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jH9efZNjh8ub for <dnsop@ietfa.amsl.com>; Wed, 12 May 2021 18:16:04 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 431BE3A1EC1 for <dnsop@ietf.org>; Wed, 12 May 2021 18:16:04 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.pao1.isc.org (Postfix) with ESMTPS id 66FF23AB000; Thu, 13 May 2021 01:16:02 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=isc.org; s=ostpay; t=1620868562; bh=jBzAtUIy6d4sQB1k37dXfUoHSUMgdY3ApUkwa3gFbag=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=pPcPHIsf7rG+cBD0MaxEi4v51QUlZSIO2c0SOJl1gLC6Ph57HXk/puvHYSNOGbIYO QEQWC+zrkXMzeDVoDHYvDxyMtEVWQXmF+oUdxwUkpwAfc7xItk5KY+u4epwcwzNKtE jEPORVPBkgt8GtQDD7+R1ukd0xqnvTfLBsNnY8jY=
Received: from zmx1.isc.org (localhost.localdomain [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 4D3E516005D; Thu, 13 May 2021 01:16:02 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 2A3CB160067; Thu, 13 May 2021 01:16:02 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.9.2 zmx1.isc.org 2A3CB160067
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=05DFB016-56A2-11EB-AEC0-15368D323330; t=1620868562; bh=3FaCampko5tdeNrgTrqjpB6zNGUKKMgtjXpMVen3AMU=; h=Content-Type:Mime-Version:Subject:From:Date: Content-Transfer-Encoding:Message-Id:To; b=OgKABYZ0Olu0QLqxNFgZKcu8UD70IT99zjbGGNGHUsz0Y/SGcMExtaP1uX1p59GaK peF8+kekJn+jL9G6Rs27nqx5yqswyra1V02/h3pWpx0E7lUifrtdCj+8mskVWsxJ0n ROndGSzJCoQqkrzCV05ra0sTS0ImeXADqz2HPlAo=
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id RGp9cqQM1HIv; Thu, 13 May 2021 01:16:02 +0000 (UTC)
Received: from [172.30.42.99] (n49-177-132-25.bla3.nsw.optusnet.com.au [49.177.132.25]) by zmx1.isc.org (Postfix) with ESMTPSA id 54B9116005D; Thu, 13 May 2021 01:16:01 +0000 (UTC)
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.7\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <EAADEDCE-4A30-4ADA-A06C-6B7D63F7075A@hopcount.ca>
Date: Thu, 13 May 2021 11:15:58 +1000
Cc: John Levine <johnl@taugh.com>, dnsop@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <90EAF7FC-DC44-4932-8C99-F1EBA72B8228@isc.org>
References: <20210512213903.D5F1F7AA827@ary.qy> <EAADEDCE-4A30-4ADA-A06C-6B7D63F7075A@hopcount.ca>
To: Joe Abley <jabley@hopcount.ca>
X-Mailer: Apple Mail (2.3445.9.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/b3-ypVi_n7fXYIale2G--boG2to>
Subject: Re: [DNSOP] [Ext] I-D Action: draft-ietf-dnsop-svcb-https-05.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 May 2021 01:16:10 -0000


> On 13 May 2021, at 07:46, Joe Abley <jabley@hopcount.ca> wrote:
> 
> On 12 May 2021, at 17:39, John Levine <johnl@taugh.com> wrote:
> 
>> It appears that Joe Abley  <jabley@hopcount.ca> said:
>> 
>>> Do you know of an example of a DNS authoritative or recursive server that does return truncated RRSets in the ANSWER section?
>> 
>> A lot return truncated glue in the ADDITIONAL section.  Are we sure that wouldn't be an issue with SVCB?
>> I honestly don't know.
> 
> I agree that truncation in the ADDITIONAL section is expected. Since the SVCB is expected to be used in RRSets with more than one member RR (different SVCB RRs with the same owner name and class are explicitly contemplated by the draft) it already has to accommodate that (which I think is probably a noop, since it doesn't seem to me that SVCB has different requirements in that regard to any other RRType).
> 
> I think Brian's point was that you can rely upon RRSets being intact in the ANSWER section.

If TC=0, RRsets should always be complete even in the Additional section.
If TC=1, then you may see incomplete RRsets and only in the last section
with records excluding the presence any OPT/SIG/TSIG in the additional
section.

If you see a implementation doing differently then it is broken.

Note IXFR and AXFR may spread a RRset over multiple DNS messages.

> Joe
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org