[DNSOP] The DNS Camel writeup

bert hubert <bert.hubert@powerdns.com> Thu, 22 March 2018 22:50 UTC

Hi everyone,

I did a small writeup of the "DNS Camel" presentation from this Tuesday in

It can be found here: https://blog.powerdns.com/2018/03/22/the-dns-camel-or-the-rise-in-dns-complexit/
(includes link to video, https://www.youtube.com/watch?v=8N_PO3s_Z24&feature=youtu.be&t=1h20m4s )

One of the funniest things I learned today was that we've apparently been
producing two new pages of DNS RFC *every week* steadily for the past 20
years.  Link has a graph.

From the abstract:

"In past years, DNS has been enhanced with DNSSEC, QName Minimization, EDNS
Client Subnet and in-band key provisioning through magic record types.  It
is now also seeing work on 'DNS Stateful Operations', XPF, ANAME (ALIAS),
resolver/client encryption, resolver/authoritative encryption & KSK
Each of these features interacts with all the others. Every addition
therefore causes a further combinatorial explosion in complexity.

Up to now, the increase in DNS complexity (mostly driven by DNSSEC) has been
made possible by the huge pool of programming talent, mostly in the open
source world.

This presentation sets out, with examples, how innocuous features
contribute to the combinatorial rise of complexity, and how we might ponder
thinking twice before loading up this camel further."