Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi-qtypes-08.txt
Ray Bellis <ray@bellis.me.uk> Fri, 17 November 2023 10:23 UTC
Return-Path: <ray@bellis.me.uk>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E032C1516F8 for <dnsop@ietfa.amsl.com>; Fri, 17 Nov 2023 02:23:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.906
X-Spam-Level:
X-Spam-Status: No, score=-1.906 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=portfast.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EAWlsH-Y7Ynu for <dnsop@ietfa.amsl.com>; Fri, 17 Nov 2023 02:23:37 -0800 (PST)
Received: from mail.portfast.net (mail.portfast.net [IPv6:2a03:9800:20:1::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F8F9C151552 for <dnsop@ietf.org>; Fri, 17 Nov 2023 02:23:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=portfast.net; s=dkim; h=Content-Transfer-Encoding:Content-Type:In-Reply-To: From:References:To:Subject:MIME-Version:Date:Message-ID:Sender:Reply-To:Cc: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=MIpqRPli/Yzq3dAQfUCgaotPpNHDCD46I7QQ69pJZrk=; b=LGQsBDoPsrlD8tN/vRMWKFgP4t Z2JRJaUeEi1S62sHNaPIsklMi8u07zsUmKKeMXHxx2VXTRLTv2DeKkqae0VturJLxDpFRvfPibU8s W3cXYE6Zot5CuYo61VEMEsoEFkHex3HWUWu18vb3mMsBbPf6IzpBJ53b4NWE+KPR+AKI=;
Received: from [213.18.158.12] (port=53140 helo=[10.1.2.72]) by mail.portfast.net ([188.246.200.9]:465) with esmtpsa (fixed_plain:ray@bellis.me.uk) (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_128_GCM:128) id 1r3w0a-002y3d-2E (Exim 4.96) for dnsop@ietf.org (return-path <ray@bellis.me.uk>); Fri, 17 Nov 2023 10:23:32 +0000
Message-ID: <6c35913b-e938-4b0f-88da-0c07151d2735@bellis.me.uk>
Date: Fri, 17 Nov 2023 10:23:30 +0000
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-GB
To: dnsop@ietf.org
References: <169996260219.33611.6405129886775920165@ietfa.amsl.com> <5c529b73-07a8-3e81-c478-a3aaed8b9a23@nohats.ca>
From: Ray Bellis <ray@bellis.me.uk>
In-Reply-To: <5c529b73-07a8-3e81-c478-a3aaed8b9a23@nohats.ca>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/o3jhUQAVjAB58qpOUAkvzX6lQaQ>
Subject: Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi-qtypes-08.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 17 Nov 2023 10:23:41 -0000
On 16/11/2023 11:13, Paul Wouters wrote: > On Tue, 14 Nov 2023, internet-drafts@ietf.org wrote: > >> Internet-Draft draft-bellis-dnsext-multi-qtypes-08.txt is now available. > > Last time this came around I also suggested instead of n times QT > entries, to use the same method as NSEC does for conveying which RRtypes > are covered using a single bitmap: > > https://datatracker.ietf.org/doc/html/rfc3845#section-2.1.2 Speaking personally, I am not a fan of NSEC bitmaps when used to encode a small and possibly sparse list of QTYPES. It's relatively complicated to encode / decode and is often inefficient. I note, for example, that encoding HTTPS (type 65) this way requires 10 octets. Notwithstanding that asking for "AAAA" too would also fit within that 10 octet bitmap, in this draft's simpler model it would only take 2 octets to encode HTTPS, or 4 to encode AAAA + HTTPS. In any other use case where multi-qtypes is just used to request one single additional type then that singleton list takes two octets irrespecitive of what that type is, and that's smaller than the smallest possible NSEC bitmap (3 octets). [I've excluded the QTCOUNT leading byte because it has been suggested that it's not necessary. This should be a separate discussion]. Making HTTPS the primary QTYPE such that the EDNS option only needs to encode (A + AAAA) would reduce an NSEC-style bitmap from 10 bytes to 6, but it'll be a long time before HTTPS becomes the most common response to A / AAAA / HTTP. cheers, Ray
- [DNSOP] I-D Action: draft-bellis-dnsext-multi-qty… internet-drafts
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Paul Wouters
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Ray Bellis
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Paul Wouters
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Ray Bellis
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Paul Wouters
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Ted Lemon
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… John Levine
- Re: [DNSOP] I-D Action: draft-bellis-dnsext-multi… Peter Thomassen