Re: [DNSOP] New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt

Ondřej Surý <ondrej@isc.org> Mon, 26 March 2018 15:18 UTC

Return-Path: <ondrej@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB523127775 for <dnsop@ietfa.amsl.com>; Mon, 26 Mar 2018 08:18:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.911
X-Spam-Level:
X-Spam-Status: No, score=-6.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id koYFgxZUArku for <dnsop@ietfa.amsl.com>; Mon, 26 Mar 2018 08:18:34 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F0D0312778E for <dnsop@ietf.org>; Mon, 26 Mar 2018 08:18:33 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id A51D03AB002; Mon, 26 Mar 2018 15:18:33 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 92DEC160043; Mon, 26 Mar 2018 15:18:33 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 7CF26160066; Mon, 26 Mar 2018 15:18:33 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id v_iE-Z63LjJY; Mon, 26 Mar 2018 15:18:33 +0000 (UTC)
Received: from [10.10.0.193] (40.20.broadband5.iol.cz [88.100.20.40]) by zmx1.isc.org (Postfix) with ESMTPSA id 9D656160043; Mon, 26 Mar 2018 15:18:32 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
From: Ondřej Surý <ondrej@isc.org>
In-Reply-To: <20180326145729.GA35023@isc.org>
Date: Mon, 26 Mar 2018 17:18:29 +0200
Cc: Michael Casadevall <michael@casadevall.pro>, dnsop@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <69408615-65AE-41AE-A044-588AAC002328@isc.org>
References: <7CF21F70-9419-4D6A-B555-FC229F90E8A9@isc.org> <5AB546CB.3030408@redbarn.org> <CCAE4014-67F8-4E73-A893-AA06B83E880B@isc.org> <20180324124958.GA29255@puck.nether.net> <CAJhMdTPRn=mUQ6xh_HFdFLBk109b_M2+saS86KFxsttb8_oVvw@mail.gmail.com> <20180325080558.GA18671@isc.org> <066C83F5-5E1C-4DF8-8D45-A7E9F3A44673@vpnc.org> <DCE31CFA-534E-451F-B743-E022F62C7516@isc.org> <20180326124544.GA32080@isc.org> <552cfda4-572b-7c88-b5b8-0cda5c49e2fd@casadevall.pro> <20180326145729.GA35023@isc.org>
To: Evan Hunt <each@isc.org>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/cJTBcmE4AylImrfaoU8G9p-ybcc>
Subject: Re: [DNSOP] New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2018 15:18:37 -0000

Thanks to you both.

I updated the draft with Evan’s text and merged some of Michael’s text to:

https://github.com/oerdnj/draft-sury-dnsop-deprecate-obsolete-resource-records

Cheers,
--
Ondřej Surý
ondrej@isc.org

> On 26 Mar 2018, at 16:57, Evan Hunt <each@isc.org> wrote:
> 
> On Mon, Mar 26, 2018 at 10:22:30AM -0400, Michael Casadevall wrote:
>> I think to be more specifically, the end goal should be the ability to
>> treat obsolete record types as RFC 3597 and remove special casing for
>> them. That way, new resolvers simply have to implement 3597 and not
>> worry about associated edge cases with the obsolete types.
> 
> Thank you, that's what I was trying to say, you said it better.
> 
>>> 2. responders SHOULD NOT compress rdata when rendering obsolete/deprecated
>>>   type records to wire format.
>>> 
>> 
>> The problem here is that right up until the point the camel declares
>> these RRtypes dead, the specification specifically allows them to be
>> compressed.
> 
> But it's always allowed them not to be compressed, too. The trouble
> PowerDNS had was because it wasn't expecting compression, but I would
> expect the opposite problem (failing because something *didn't* compress)
> to be rarer.
> 
>> 1. Authoritative servers SHOULD warn when loading zones with obsolete
>> record types
>> 
>> 2. Resolvers MUST never send obsolete RRtypes in a compressed format.
> 
> Problem here: If the resolver is treating the record as opaque, then it
> can only send it along in whatever format it was received in, so this
> requirement doesn't work as written. But I think what you mean is that
> even if the resolver is able to parse compressed rdata, it MUST NOT
> compress when sending the answer along to its own client. This is
> re-stated in point 5, below.
> 
>> 3. Signers MUST treat rdata as opaque
>> 
>> 4. Obsolete RRtypes MUST never be treated as a known-type with respect
>> to the wire protocol
>> 
>> 5. Resolvers MAY support legacy compression for received data for
>> backward compatibility if desired, but SHOULD warn if such information
>> is received. Compressed records MUST never be re-transmitted.
> 
> You use MUSTs where I used SHOULDs, but I think we're both pointing
> in the same direction.
> 
> -- 
> Evan Hunt -- each@isc.org
> Internet Systems Consortium, Inc.
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop