Re: [DNSOP] my lone hum against draft-wkumari-dnsop-multiple-responses

George Michaelson <ggm@algebras.org> Tue, 19 July 2016 06:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/k26wVyEgrurbbx6hkd9Hq7hLKsE>

"in reality" is skewing the story. You don't foresee a use case, but
you do foresee abuse? So deploy cookies or move to TCP, or DTLS or
some other cost space where amplify implies special knowledge, or cost
on the amplifier.

I'm not sure I understand the use-case either btw, but this rebuttal
smells like the classic 'FUD it out of existence' IETF approach.
Warren is smart. I'm sure he thought of this.

-G

PS a use case as I understand it, is people (like 8.8.8.8) who see
patterns in otherwise unrelated DNS queries and could potentially short
circuit in time, and query chain sequence things which are utterly
predictable. You ask for A? we know in 2 ms you will ask for AAAA, or
DS/DNSKEY of the parent or... because.. well because we have the query
dynamics in the space, and we know what we see. So let's put things
into answers and start converting clients to understand this, and we
drop query load significantly and speed up DNS closure. This feels
like optimizations we'd expect in other protocols.