Re: [DNSOP] New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt

Michael Casadevall <michael@casadevall.pro> Mon, 26 March 2018 14:22 UTC

Return-Path: <michael@casadevall.pro>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D18D1250B8 for <dnsop@ietfa.amsl.com>; Mon, 26 Mar 2018 07:22:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cOUjU4uyg-Nv for <dnsop@ietfa.amsl.com>; Mon, 26 Mar 2018 07:22:30 -0700 (PDT)
Received: from casadevall.pro (casadevall.pro [45.33.112.193]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1E2A12420B for <dnsop@ietf.org>; Mon, 26 Mar 2018 07:22:30 -0700 (PDT)
Received: from [192.168.2.2] (cpe-68-174-119-246.nyc.res.rr.com [68.174.119.246]) by casadevall.pro (Postfix) with ESMTPSA id 723A51F694 for <dnsop@ietf.org>; Mon, 26 Mar 2018 14:22:27 +0000 (UTC)
To: dnsop@ietf.org
References: <002DCABB-24CE-42FA-8DA6-2A458E5F89A1@isc.org> <5AB53F8B.9070504@redbarn.org> <7CF21F70-9419-4D6A-B555-FC229F90E8A9@isc.org> <5AB546CB.3030408@redbarn.org> <CCAE4014-67F8-4E73-A893-AA06B83E880B@isc.org> <20180324124958.GA29255@puck.nether.net> <CAJhMdTPRn=mUQ6xh_HFdFLBk109b_M2+saS86KFxsttb8_oVvw@mail.gmail.com> <20180325080558.GA18671@isc.org> <066C83F5-5E1C-4DF8-8D45-A7E9F3A44673@vpnc.org> <DCE31CFA-534E-451F-B743-E022F62C7516@isc.org> <20180326124544.GA32080@isc.org>
From: Michael Casadevall <michael@casadevall.pro>
Message-ID: <552cfda4-572b-7c88-b5b8-0cda5c49e2fd@casadevall.pro>
Date: Mon, 26 Mar 2018 10:22:30 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <20180326124544.GA32080@isc.org>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/tD1S9VyXK1TIAnqt1s44bcz7CxU>
Subject: Re: [DNSOP] New Version Notification for draft-sury-deprecate-obsolete-resource-records-00.txt
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Mar 2018 14:22:32 -0000


On 03/26/2018 08:45 AM, Evan Hunt wrote:
> On Mon, Mar 26, 2018 at 02:09:14PM +0200, Ondřej Surý wrote:
>> That’s one of the goals of the document - saying: “it’s ok to not
>> implement those RR Types, and it’s ok to break if you receive them"
> 
> We need to state clearly what is meant by "ok to break".
> 

I think to be more specifically, the end goal should be the ability to
treat obsolete record types as RFC 3597 and remove special casing for
them. That way, new resolvers simply have to implement 3597 and not
worry about associated edge cases with the obsolete types.

> I described my preferred approach as an implementer upthread. Let me
> state it again more formally and let people knock it down:
> 
> 0. types will be flagged as obsolete/deprecated in the IANA registry,
>    and the following guidance is given to DNS implementors in the handling
>    of obsolete/deprecated RR types:
> 
> 1. auth servers SHOULD log a warning when loading zones that contain
>    obsolete/deprecated rrtypes.
> 
> 2. responders SHOULD NOT compress rdata when rendering obsolete/deprecated
>    type records to wire format.
> 

The problem here is that right up until the point the camel declares
these RRtypes dead, the specification specifically allows them to be
compressed.

Specifically quoting RFC 3597 here:
   To avoid such corruption, servers MUST NOT compress domain names
   embedded in the RDATA of types that are class-specific or not well-
   known.  This requirement was stated in [RFC1123] without defining the
   term "well-known"; it is hereby specified that only the RR types
   defined in [RFC1035] are to be considered "well-known".

By definition, the types are in RFC1035; they're well known and thus
compressible. One DNS server may serve a given record uncompressed,
while the next one down the pipe compresses it depending on it's
implementation.

This came up earlier in the thread, but PowerDNS has an open bug about
this and the MB type due to BIND sending the record compressed, and
PowerDNS not recognizing it: https://github.com/PowerDNS/pdns/issues/5687

> 3. queriers which receive obsolete/deprecated type records MAY interpret
>    them as unknown type records (rfc 3597), and MUST NOT interfere with
>    their transmission.
> 
>    3a. note that the choice to parse obsolete/deprecated MAY be contingent
>        on whether the rdata is compressed: an obsolete type record MAY be
>        parsed as a known type if its rdata is uncompressed, but as an
>        unknown type otherwise.
> > 4. validators and signers SHOULD treat rdata for obsolete/deprecated types
>    as opaque with respect to canonical RR ordering and deduplication
> 


On the whole, I'm in favor of removing cruft from the specs wherever
possible, but I'm starting to question if decommissioning RRtypes
qualifies as low hanging fruit.

If we actually want to decommission these RRtypes, and building off your
starting point, I think the reasonable course of action needs to be this:

 1. Authoritative servers SHOULD warn when loading zones with obsolete
record types

 2. Resolvers MUST never send obsolete RRtypes in a compressed format.

 3. Signers MUST treat rdata as opaque

 4. Obsolete RRtypes MUST never be treated as a known-type with respect
to the wire protocol

 5. Resolvers MAY support legacy compression for received data for
backward compatibility if desired, but SHOULD warn if such information
is received. Compressed records MUST never be re-transmitted.

 6. Validators MAY attempt to to use legacy RR ordering and
de-duplication should validation. If legacy validation is required, the
validator SHOULD warn that it was needed to validate the RRSIGs.

In effect, we're basically saying, these RRtypes are now RFC 3597, with
the caveat that it's OK to try and use them as legacy says but it's not
required.

By specifically allowing resolvers to understand compressed records, but
never send them, it allows for the case that there may be people using
these RRtypes, but sets the standard going forward to treat them as RFC
3597. The special case of allowing compressed versions to be accepted
allows for backwards compatibility and notifying where things still need
to be updated.

Then it's essentially a matter of writing a new RFC that describes how
to handle sun-setting a RRtype, and what RRtypes have been put out to
pasture formally. Everyone can understand uncompressed RRtypes, and by
forcing decompression, and those who want to use these for legacy
RRtypes can.

New resolvers don't need to worry about it, and as resolvers get
upgraded, the special case in 5 goes away. For the small handful of
people actually using these types, life continues as long as their
resolver maintains legacy receiving support. New resolvers can just
treat them as RFC 3597.

Plus we now have a procedure if we want to obsolete any other RRtypes.

Michael