Re: [DNSOP] Fwd: New Version Notification for draft-ietf-dnsop-refuse-any-05.txt

Richard Gibson <richard.j.gibson@oracle.com> Mon, 05 March 2018 20:02 UTC

To: Joe Abley <jabley@hopcount.ca>, dnsop <dnsop@ietf.org>
References: <152027747064.31710.8843129799069187895.idtracker@ietfa.amsl.com> <E9AB4737-2BD9-40BC-8194-6AA771C3E994@hopcount.ca>
From: Richard Gibson <richard.j.gibson@oracle.com>
Message-ID: <507d1fb7-8607-91d2-00b3-2e2aac5b98da@oracle.com>
Date: Mon, 5 Mar 2018 15:00:25 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rzG4BY4XRZD9jAw3_RapiJp5gnI>

To re-raise my unaddressed points:

  * The document should include planned text you mentioned acknowledging
    lack of a signal to indicate "partial response" for section
    4.1/section 4.3 subset responses ([1]).
  * "Conventional [ANY] response" is used but not defined ([2]).
  * The document needs to identify itself as updating RFC 1034
    (specifically, section 4.3.2).
  * In section 7, "ANY does not mean ALL" is misleading—[RFC 1035
    section 3.2.3] is clear about QTYPE=255 being "a request for **all**
    records" (emphasis mine). That said, the proposed response behavior
    is consistent with that RFC.

[1]: https://www.ietf.org/mail-archive/web/dnsop/current/msg20629.html
[2]: https://www.ietf.org/mail-archive/web/dnsop/current/msg20628.html
[RFC 1035 section 3.2.3]: https://tools.ietf.org/html/rfc1035#section-3.2.3


On 03/05/2018 02:28 PM, Joe Abley wrote:
> Hi all,
>
> Per subject, see below, etc. I apologise for the ludicrous amount of time it has taken for me to do these final edits. Fortunately the beatings continued until the morale improved.
>
> I believe the -05 represents a reasonable facsimile of the consensus of suggestions that came up at the working group last call, which some of you may recall (others are no doubt too young). Apart from language changes, the principal change from the -04 is a softening of the language regarding RRSIG, basically punting any such specification to future work whilst observing the potential for alignment in approach. This seemed like a reasonable compromise and arguably better than specifying behaviour without the benefit of real-world experience or detailed RRSIG-specific thinking.
>
>
> Joe
>
>> Begin forwarded message:
>>
>> From: internet-drafts@ietf.org
>> Subject: New Version Notification for draft-ietf-dnsop-refuse-any-05.txt
>> Date: 5 March 2018 at 14:17:50 EST
>> To: "Joe Abley" <jabley@afilias.info>, "Marek Majkowski" <marek@cloudflare.com>, "Olafur Gudmundsson" <olafur+ietf@cloudflare.com>
>>
>>
>> A new version of I-D, draft-ietf-dnsop-refuse-any-05.txt
>> has been successfully submitted by Joe Abley and posted to the
>> IETF repository.
>>
>> Name:		draft-ietf-dnsop-refuse-any
>> Revision:	05
>> Title:		Providing Minimal-Sized Responses to DNS Queries that have QTYPE=ANY
>> Document date:	2018-03-05
>> Group:		dnsop
>> Pages:		10
>> URL:            https://www.ietf.org/internet-drafts/draft-ietf-dnsop-refuse-any-05.txt
>> Status:         https://datatracker.ietf.org/doc/draft-ietf-dnsop-refuse-any/
>> Htmlized:       https://tools.ietf.org/html/draft-ietf-dnsop-refuse-any-05
>> Htmlized:       https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-refuse-any-05
>> Diff:           https://www.ietf.org/rfcdiff?url2=draft-ietf-dnsop-refuse-any-05
>>
>> Abstract:
>>    The Domain Name System (DNS) specifies a query type (QTYPE) "ANY".
>>    The operator of an authoritative DNS server might choose not to
>>    respond to such queries for reasons of local policy, motivated by
>>    security, performance or other reasons.
>>
>>    The DNS specification does not include specific guidance for the
>>    behaviour of DNS servers or clients in this situation.  This document
>>    aims to provide such guidance.
>>
>>
>>
>>
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>>
>> The IETF Secretariat
>>