Re: [DNSOP] Eric Rescorla's No Objection on draft-ietf-dnsop-dns-capture-format-08: (with COMMENT)
Eric Rescorla <ekr@rtfm.com> Wed, 21 November 2018 18:33 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF555130DFB for <dnsop@ietfa.amsl.com>; Wed, 21 Nov 2018 10:33:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.357
X-Spam-Level:
X-Spam-Status: No, score=-3.357 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-1.459, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e72orzaNxHuh for <dnsop@ietfa.amsl.com>; Wed, 21 Nov 2018 10:33:30 -0800 (PST)
Received: from mail-lf1-x12b.google.com (mail-lf1-x12b.google.com [IPv6:2a00:1450:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 91B2C130DC2 for <dnsop@ietf.org>; Wed, 21 Nov 2018 10:33:27 -0800 (PST)
Received: by mail-lf1-x12b.google.com with SMTP id p17so4729724lfh.4 for <dnsop@ietf.org>; Wed, 21 Nov 2018 10:33:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=wf6uIgwKoRpJEdeEahV72ZekEBaQXxupqo3jV6XBaEM=; b=Bj7xsxN2pkRmqo17pfjOEOaOzLFGOgWywp5nlR9Nf3J8PB2kTHCIHnNQXR8XIo1Ln6 1e1FHAIA4c7T+8HXiwp6aFWVfHzlNf4CR41o/2eOtlSTBCEidd4XdD3XA/7QbQeKLcgQ wTuTSJkWmhlv+WTiAEmMegOZ8PlUySLXQ+nDeHEMSubVDqtkFMA8B1gNxN+JW069ZYcg YgP6UBjlcMrMZ/hCgEGne8syz+6iC2QN8RogLvPkHfvbjGJDK3+P3RV/rxUWrOWtSXyL IJLmhYCzDmb+7gdrxCDsOiZRY0zg0fMIKJid64VcqCaSdUtxmnVD9Jz7ijQJv4bilz/+ QsTw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=wf6uIgwKoRpJEdeEahV72ZekEBaQXxupqo3jV6XBaEM=; b=aml+qiz2Y2TXxF8vT/oq3Cm1KA2RLdNDagqWNENn4ttCSdHhqfmLFFnV/xXn1ENRZU dvTBRx1pPFGdfkzsOs5/Fy5mXzSauNSyvCQJ/eV9No7SC6yaeheqIfWO4TP63RHuKBPq /umIzePfvvMlLYT/KvHBf2IQx99zhEaUPATEQi1m1pWDqdEqL5mzFGAAcOP/F+ZZlNlz 9QhuKxB/C/SQo/2bbmFh2I+MqLjddady5NtPbm/FlZ1dLLjbLvoSbWHRHNgy8nzR2qGq alBvA+CUV7q1hlZ+kblZHEjhoEbVvg3fBAT3SVu59uiw13i/tI6/+u6Ou5lUVqPKcXXA WYaQ==
X-Gm-Message-State: AA+aEWYZkgqEImmfq1CQijqYpXSrqvaTPg/WjkfFHgFCB4F9N3GkuIvy aQRmm5zUmu7EBZNqoVb3K1ST3ZxZoUQnfiNcYa0MOQ==
X-Google-Smtp-Source: AFSGD/XoHtf8vf2qa3VUIHHXvTEHgIv/kbIOCOI45Onci7WGJOcYsbEJGRdnwbK0GXF6ttuCI7DEiZ4KD90qFcJK1+Q=
X-Received: by 2002:a19:914b:: with SMTP id y11mr2535675lfj.98.1542825205490; Wed, 21 Nov 2018 10:33:25 -0800 (PST)
MIME-Version: 1.0
References: <154276604012.29783.13143298760072667462.idtracker@ietfa.amsl.com> <C1F35F94-0AF9-4455-91ED-1BFF2F4BDC39@sinodun.com>
In-Reply-To: <C1F35F94-0AF9-4455-91ED-1BFF2F4BDC39@sinodun.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 21 Nov 2018 10:32:48 -0800
Message-ID: <CABcZeBPpwZuQXnsUq8ubV0AuBVp1UpfOUkm9oUBFLxamCap1Wg@mail.gmail.com>
To: Sara Dickinson <sara@sinodun.com>
Cc: IESG <iesg@ietf.org>, Tim Wicinski <tjw.ietf@gmail.com>, dnsop WG <dnsop@ietf.org>, dnsop-chairs <dnsop-chairs@ietf.org>, draft-ietf-dnsop-dns-capture-format@ietf.org
Content-Type: multipart/alternative; boundary="00000000000053026d057b30fcae"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/nftq5YP4s-v1rnu3mRJ2L7j3rro>
Subject: Re: [DNSOP] Eric Rescorla's No Objection on draft-ietf-dnsop-dns-capture-format-08: (with COMMENT)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2018 18:33:33 -0000
On Wed, Nov 21, 2018 at 9:25 AM Sara Dickinson <sara@sinodun.com> wrote: > > > Begin forwarded message: > > *From: *Eric Rescorla <ekr@rtfm.com> > *Subject: **Eric Rescorla's No Objection on > draft-ietf-dnsop-dns-capture-format-08: (with COMMENT)* > *Date: *21 November 2018 at 02:07:20 GMT > *To: *"The IESG" <iesg@ietf.org> > *Cc: *Tim Wicinski <tjw.ietf@gmail.com>, tjw.ietf@gmail.com, > dnsop@ietf.org, dnsop-chairs@ietf.org, > draft-ietf-dnsop-dns-capture-format@ietf.org > *Resent-From: *<alias-bounces@ietf.org> > *Resent-To: *jad@sinodun.com, jim@sinodun.com, sara@sinodun.com, > terry.manderson@icann.org, john.bond@icann.org > > Eric Rescorla has entered the following ballot position for > draft-ietf-dnsop-dns-capture-format-08: No Objection > > > Hi, > > Many thanks for the review > > > ---------------------------------------------------------------------- > COMMENT: > ---------------------------------------------------------------------- > > Rich version of this review at: > https://mozphab-ietf.devsvcdev.mozaws.net/D4670 > > > I support Ben's DISCUSS. > > > Ack - hopefully our response to him addresses your concerns. > I'll leave it with him. > Am I understanding the design correctly in that you can't have > literals in the individual per-query values, but instead references to > the block tables, so you can't stream inside a block? > > > Yes, that is correct - do you think we need to add text to clarify this? > Yes, as it seems like an unobvious tradeoff. It's worth noting that if you put the block tables at the end, you could save memory on the encoder. > > > IMPORTANT > S 7.5.1. > > | earliest-time | O | A | A timestamp (2 unsigned integers, | > | | | | "Timestamp") for the earliest record | > | | | | in the "Block" item. The first integer | > | | | | is the number of seconds since the | > | | | | Posix epoch ("time_t"). The second | > | | | | integer is the number of ticks since | > > > I don't know what a "tick" is, so you need some definitionf or this. > > > From 7.4.1.1: > > ticks-per-second | M | U | Sub-second timing is recorded in | > | | | | ticks. This specifies the number of | > | | | | ticks in a second. > > This was the solution to a request to allow flexibility in how granular > the sub-second timing increments are. > Ah I missed that. A reference to 7.4.1.1 would help. > S 7.4.1.1.1. > > > +------------------+---+---+----------------------------------------+ > | Field | O | T | Description | > +------------------+---+---+----------------------------------------+ > | query-response | M | U | Hints indicating which "QueryResponse" | > | -hints | | | fields are omitted, see section | > > > Nit: generally, you would say "indicating which fields are included" > if 1 means included. > > > The issue is that if the bit is set the field might still be missing > because although the configuration was set to collect it the data wasn’t > available to the encoder from some other reason. However when the bit is > not set it means that the data will definitely not be present because the > collector is configured not to collect it. > > We do discuss this problem in section 6.2.1 - perhaps a reference in the > table back to that discussion is what is needed? > Maybe, I just thought that the text was a bit odd. > > > S 7.5.3. > > +---------------------+---+---+-------------------------------------+ > > 7.5.3. "BlockTables" > > Arrays containing data referenced by individual "QueryResponse" or > "MalformedMessage" items in this "Block". Each element is an array > > > This is not a sentence. > > > Suggest: “Map of arrays containing data... " > Maybe. I'll let you sort this out with RFC Ed. S 7.5.3.2. > > +--------------------+---+---+--------------------------------------+ > | server-address | O | U | The index in the item in the "ip- | > | -index | | | address" array of the server IP | > | | | | address. See Section 7.5.3. | > | | | | | > | server-port | O | U | The server port. | > > > Isn't the server port generally constant? It seems like you might save > some bits by having this attached to the server and then indixed > abvoe. > > > Yes it is (or likely to be one of 3 values), and I think you are right > there is a small saving in what you are suggesting but we chose consistency > of representation (with client address) over that slight added saving... > OK. Just thought I would point it out. -Ekr > > > > S 7.5.3.2. > > | | | | used to service the query. | > | | | | Bit 0. IP version. 0 if IPv4, 1 if | > | | | | IPv6 | > | | | | Bit 1-4. Transport. 4 bit unsigned | > | | | | value where 0 = UDP, 1 = TCP, 2 = | > | | | | TLS, 3 = DTLS. Values 4-15 are | > > > You might want to specify DoH > > > > S 7.5.3.5. > > | | | | Bit 0. IP version. 0 if IPv4, 1 if | > | | | | IPv6 | > | | | | Bit 1-4. Transport. 4 bit unsigned | > | | | | value where 0 = UDP, 1 = TCP, 2 = | > | | | | TLS, 3 = DTLS. Values 4-15 are | > | | | | reserved for future use. | > > > Again, probably want to specify DoH. > > > Yes - we’ll add it. > > > > S 17.3. > > [18] https://github.com/dns-stats/draft-dns-capture- > format/blob/master/file-size-versus-block-size.svg > > Appendix A. CDDL > > This appendix gives a CDDL [I-D.ietf-cbor-cddl] specification for > > > Is this a normative appendix? > > > As picked up in other reviews, we will make the CDDL document a normative > reference. > > Best regards > > Sara. > >
- [DNSOP] Eric Rescorla's No Objection on draft-iet… Eric Rescorla
- Re: [DNSOP] Eric Rescorla's No Objection on draft… Sara Dickinson
- Re: [DNSOP] Eric Rescorla's No Objection on draft… Eric Rescorla