Re: [DNSOP] draft-tale-dnsop-serve-stale

Shumon Huque <shuque@gmail.com> Wed, 29 March 2017 01:31 UTC

On Tue, Mar 28, 2017 at 12:20 PM, Paul Vixie <paul@redbarn.org> wrote:

>
> since it allocates no code point and the method requires no interop,
> this draft feels a bit like resimprove, which died on the vine for no
> reason i can now recall. it's harmless as an FYI, but does not belong on
> the standards track.
>
> speaking of resimprove, i hope you'll include in this draft the idea of
> using delegation-TTL as a delegation-recheck interval, and using an
> authoritative NXDOMAIN from the delegator as proof that you need to run
> an "rm -rf" in your cache.
>
> i bring this up because we need to be able to kill more cached data
> faster-- the opposite of stretchiness-- for abuse control reasons. if
> you're going to soften the signaling for cache expiration, you really
> ought to balance that out with this simple method of also hardening it.
>

Hi Paul,

Perhaps you've forgotten (since you participated in the discussions), but
the portion of resimprove that dealt with expunging cached data below the
NXDOMAIN boundary was rescued, expanded on, and published as
RFC 8020 ("NXDOMAIN: There Really is Nothing Underneath") late last
year.

-- 
Shumon Huque
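
The cache behaviour discussed in this message (an NXDOMAIN for a name expunging cached data at and below it, as in RFC 8020) can be sketched as follows. This is an added example, not part of the original thread and not code from any resolver; the class and method names are hypothetical, the records are constructed, and it assumes the NXDOMAIN has already been accepted as authoritative (no DNSSEC validation is shown).

```python
import time

def labels(name):
    """Normalize a domain name to a tuple of lowercase labels, root-first."""
    return tuple(reversed(name.rstrip(".").lower().split(".")))

class NxdomainCutCache:
    """Toy resolver cache (hypothetical) that applies an NXDOMAIN cut."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.rrsets = {}   # (labels, rtype) -> (expiry, rdata)
        self.denied = {}   # labels -> expiry of a cached NXDOMAIN

    def store(self, name, rtype, rdata, ttl):
        self.rrsets[(labels(name), rtype)] = (self.clock() + ttl, rdata)

    def store_nxdomain(self, name, ttl):
        """Cache an NXDOMAIN and expunge every RRset at or below that name.

        Comparing label tuples, not string suffixes, keeps the cut on a
        label boundary: example.test does not cover badexample.test.
        """
        cut = labels(name)
        doomed = [k for k in self.rrsets if k[0][:len(cut)] == cut]
        for key in doomed:
            del self.rrsets[key]
        self.denied[cut] = self.clock() + ttl
        return len(doomed)

    def lookup(self, name, rtype):
        """Return ('NXDOMAIN', None), ('HIT', rdata) or ('MISS', None)."""
        now, qname = self.clock(), labels(name)
        # An unexpired NXDOMAIN at the name or any ancestor covers the query.
        for depth in range(1, len(qname) + 1):
            expiry = self.denied.get(qname[:depth])
            if expiry is not None and expiry > now:
                return ("NXDOMAIN", None)
        entry = self.rrsets.get((qname, rtype))
        if entry and entry[0] > now:
            return ("HIT", entry[1])
        return ("MISS", None)
```

Once the negative entry's TTL runs out, names below the cut are an ordinary cache miss again and are re-resolved from the authoritative servers.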