Re: [DNSOP] AD review of draft-ietf-dnsop-serve-stale-07
Puneet Sood <puneets@google.com> Wed, 18 September 2019 15:14 UTC
Return-Path: <puneets@google.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3517120948 for <dnsop@ietfa.amsl.com>; Wed, 18 Sep 2019 08:14:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.5
X-Spam-Level:
X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j47pEQaGuael for <dnsop@ietfa.amsl.com>; Wed, 18 Sep 2019 08:14:22 -0700 (PDT)
Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com [IPv6:2a00:1450:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E21CC12094A for <dnsop@ietf.org>; Wed, 18 Sep 2019 08:14:21 -0700 (PDT)
Received: by mail-wm1-x334.google.com with SMTP id x2so554428wmj.2 for <dnsop@ietf.org>; Wed, 18 Sep 2019 08:14:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=Yl8PbR1gu0alX1D5r7HcnXYSHGsQ4bSRdfsulu03sYw=; b=oglTdcDuzgxxuwMjag9Jv4amrrpd/2MPnpZtuq/DJeZ1tm+5VHUQ98fjXFQZM4TdJJ AjMn0TmmqKFd7MLiHCuJwNt9MN8fsAmR3SC7TmvVO0OrOHyolvKjjhEywshJJ5gDVou7 aWR9cIwxb74mKd+dwNmwUFSIbfUjiRma3U92gQtCOH2/UdUp0ULGey8mhRTZXFzAYDGh CJiQVDLhbkdUwmDu5WfNQe1cG4kmAZj9x0zuqwOyGPxXpZ50FXVpaw5FRQAcsXJ4jyPR 000/EjoqqN4cKXXBwFZw9jwqMG0O9DxCUnCof1UjSyzDYTAcc/UqOflLANxAC9RB9ZMp T4gA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=Yl8PbR1gu0alX1D5r7HcnXYSHGsQ4bSRdfsulu03sYw=; b=bJqrz65Gyx+xi8sLCQB62XR81JbZSQAzBNKGAPJG4tN7/3LkA71LXrofHzNErKwVM8 QoyajFVbqPTaKKQBICMOacfNyQ+Y/EpT16o9sh0isGH0+cC6U9K5cEiAmAYqWsHMwidI AbfDFQwIld5g2JMaglmX7+BeAGalIcZ3Ggr0zP5G/IBFNyG8mMT26Uirt7b00zbOIuK3 Z5BE54IQSi4GsLBdhYgRFV9NlFOpZitJ8UfHNEo8f6Wspk9pK9vGBj6jYjLTUu9PbGeM 24Zsyq933XpwbDTolq14FD0otCcO9laD8X1xUlfTxPj/U+gceToVxadre8fBLfD1YKmW +7uQ==
X-Gm-Message-State: APjAAAUfjN5zBD7mybk01rdIBl+FGhA1XJuQAegh3mQKFOyXv12St8O4 UJKVkV+vDxm1BbeGVfTEst1/LiJy8RJoZVZcZ4/98A==
X-Google-Smtp-Source: APXvYqwOjmJO4XUUEHllPrg/0JYrA6ENCA5kLJF9ZOeskcbzSeOCASSeoWj+qPDRh7sztIf75yknXd7TDFt21H1Up+I=
X-Received: by 2002:a1c:9e46:: with SMTP id h67mr3451048wme.48.1568819660039; Wed, 18 Sep 2019 08:14:20 -0700 (PDT)
MIME-Version: 1.0
References: <CALaySJK1kMuOmN-1nXgJKQVvOeF8pvphCJ3sCsyZNbLSANEFng@mail.gmail.com> <20190914122918.oqgl22xzbegajlhw@sources.org> <CALaySJ+x2vMW3R0m+PES-BjqrPQ-wuZWfFO2nrnME-uxHzHptQ@mail.gmail.com>
In-Reply-To: <CALaySJ+x2vMW3R0m+PES-BjqrPQ-wuZWfFO2nrnME-uxHzHptQ@mail.gmail.com>
From: Puneet Sood <puneets@google.com>
Date: Wed, 18 Sep 2019 11:14:07 -0400
Message-ID: <CA+9_gVvKspAAJe5UgUq_m7-bEb4_AoqocEozV2_uEL2pq_jApg@mail.gmail.com>
To: Barry Leiba <barryleiba@computer.org>
Cc: Stephane Bortzmeyer <bortzmeyer@nic.fr>, draft-ietf-dnsop-serve-stale.all@ietf.org, IETF DNSOP WG <dnsop@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/unysNbCEzaeaAGBwn6eANvcw2sE>
Subject: Re: [DNSOP] AD review of draft-ietf-dnsop-serve-stale-07
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Sep 2019 15:14:25 -0000
On Sat, Sep 14, 2019 at 8:46 AM Barry Leiba <barryleiba@computer.org> wrote: > > > > I wonder if it makes sense to be more explicit here that one isn’t > > > meant to keep using expired data forever, but is expected to keep > > > trying to refresh it. So, maybe?: > > > > > > NEW > > > If the data is unable to be > > > authoritatively refreshed when the TTL expires, the record MAY be > > > used as though it is unexpired until an authoritative refresh is > > > successful. > > > END > > > > I think your proposed text is worse since it contradicts the current > > draft, which limits the time during which you can serve stale answers > > "The maximum stale timer should be configurable, and defines the > > length of time after a record expires that it should be retained in > > the cache. The suggested value is between 1 and 3 days. [Even if you > > cannot contact the authoritative servers, my note.]" > > Yes, true. So maybe add "for a period of time or" before "until" in > my suggestion. Or see if you can come up with better wording. If you > really think it doesn't need to be qualified here because the rest of > the document takes care of it, I won't push it further. I just think > it best to say *something* here that doesn't make it sound like an > entirely open-ended "MAY". I would prefer to not make the text in this paragraph too long since other sections go into detail on the conditions when the stale data can still be used. How about the following? "If the data is unable to be authoritatively refreshed when the TTL expires, the record MAY be used as though it is unexpired as long as certain conditions are met. See the Example Method and Implementation Considerations sections for details." > > > > Is another possible new security consideration that bad actors could > > > DDoS authoritative servers with the explicit intent of having stale > > > cached information used for longer, perhaps to extend the life of a > > > cache-poisoning attack or some such? > > > > Yes, seems right. Also reported by Viktor Dukhovni during the last > > call. May be add at the end of section 10 "Attackers could be incited > > to dDoS authoritative servers with the explicit intent of having stale > > cached information used for longer. But if they have this capacity, > > they probably could do much worse things than prolongating old data." > > Other than that "prolongating" isn't a word (use "prolonging the life > of"), that's probably OK. Maybe add that the benefit outweighs the > risk, or some such, and then we'll see what the Sec ADs think. Added wording in the second paragraph of the Security Considerations section. -Puneet > > Barry > > > Barry
- [DNSOP] AD review of draft-ietf-dnsop-serve-stale… Barry Leiba
- Re: [DNSOP] AD review of draft-ietf-dnsop-serve-s… Stephane Bortzmeyer
- Re: [DNSOP] AD review of draft-ietf-dnsop-serve-s… Barry Leiba
- Re: [DNSOP] AD review of draft-ietf-dnsop-serve-s… Puneet Sood
- Re: [DNSOP] AD review of draft-ietf-dnsop-serve-s… Puneet Sood
- Re: [DNSOP] AD review of draft-ietf-dnsop-serve-s… Barry Leiba