Re: [DNSOP] opportunistic semi-authoritative caching (Re: DNSOP Call for Adoption - draft-tale-dnsop-serve-stale)

Paul Vixie <paul@redbarn.org> Sat, 09 September 2017 19:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/yx37iJW9wh2goqeRsvUFxAFIvk8>


Evan Hunt wrote:
> On Sat, Sep 09, 2017 at 08:29:28AM -0700, Paul Vixie wrote:
>> rpz is a defense. it assumes that the content owner is trying to hurt
>> me. it is therefore one step away from being an attack, and is in any
>> case, not an attack.
>
> Sure.  And TTL stretching assumes the content owner is a fellow victim,
> and someone is trying to hurt both of us by making their site inaccessible
> to me.  Both are lies; both have a defensible moral justification.

the content owner may have good and specific reasons for the TTL they 
chose, and using that data for longer than that period may be harmful, 
and must be presumed to be harmful unless explicit signaling is added to 
let the content owner specify otherwise.

autonomous, coherent, reliable, distributed: pick four.

-- 
P Vixie