Re: [DNSOP] Last Call: <draft-ietf-dnsop-refuse-any-07.txt> (Providing Minimal-Sized Responses to DNS Queries that have QTYPE=ANY) to Proposed Standard

Bob Harold <rharolde@umich.edu> Tue, 21 August 2018 17:20 UTC


On Tue, Aug 21, 2018 at 1:10 PM Ted Hardie <ted.ietf@gmail.com> wrote:

> On Tue, Aug 21, 2018 at 10:03 AM, Paul Wouters <paul@nohats.ca> wrote:
>
>> On Tue, 21 Aug 2018, Ólafur Guðmundsson wrote:
>>
>>> Ted, Would it be acceptable to just do
>>> s/TCP/Connection oriented Transport/
>>>
>>
>> For RFC 7901 we used "source-IP-verified transport"
>>
>>
> If this is the only characteristic that the working group believes will
> cause variance in ANY responses, then reusing this terminology seems fine.
> I suspect, however, that it is not the only characteristic that will in
> practice.  I can easily imagine cases where ANY returns full answers when
> the transport is confidential and minimal ones when it is not.
>
> I have absolutely no data to back this intuition, though, so I will
> understand if the working group and authors disagree.
>
> regards,
>
> Ted Hardie
>
>
>> Paul
>
>
As I see it, the data is 'public' in the sense that any other client could
also request "ANY" over a confidential transport and get the same info, so
I don't see why the server would care that the transport is confidential.
It only protects the privacy of the client.
Preventing amplification, or unnecessary traffic in general, is the basic
use case that I see.

-- 
Bob Harold
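As an added example, not code from this thread or from the draft: a sketch of the responder policy under discussion, in which the full ANY answer is served only when the client's source address is verified (a completed TCP handshake), the confidentiality of the channel plays no role, and the amplification ratio of each choice is computed. The owner name, the RRset wire sizes, and the choice of which single RRset forms the minimal answer are constructed assumptions.

```python
from dataclasses import dataclass
from typing import List

DNS_HEADER_BYTES = 12

@dataclass(frozen=True)
class Transport:
    source_verified: bool  # TCP handshake completed (client address cannot be spoofed)
    confidential: bool     # channel is encrypted; irrelevant to amplification

# Constructed sample data: wire size in bytes of each RRset at one owner name,
# including the RRSIG covering it. Values are invented for illustration.
RRSETS = {
    "A": 120,
    "AAAA": 132,
    "MX": 140,
    "TXT": 190,
}

def question_bytes(qname: str) -> int:
    # Wire-format name: a length byte per label plus the root byte, then QTYPE + QCLASS.
    labels = [label for label in qname.rstrip(".").split(".") if label]
    return sum(1 + len(label) for label in labels) + 1 + 4

def query_bytes(qname: str) -> int:
    return DNS_HEADER_BYTES + question_bytes(qname)

def answer_rrtypes(qtype: str, transport: Transport) -> List[str]:
    """Pick the RRsets to return. For QTYPE=ANY the full set goes out only
    when the source address is verified; confidentiality is ignored, since
    the same data is available to any other client asking over the same
    channel. Minimal case: one RRset (the subset option; which one is an
    assumption made here)."""
    if qtype != "ANY":
        return [qtype] if qtype in RRSETS else []
    if transport.source_verified:
        return list(RRSETS)
    return [next(iter(RRSETS))]

def response_bytes(qname: str, qtype: str, transport: Transport) -> int:
    # Response echoes the header and question, then carries the answer RRsets.
    return query_bytes(qname) + sum(RRSETS[t] for t in answer_rrtypes(qtype, transport))

def amplification(qname: str, qtype: str, transport: Transport) -> float:
    """Bytes returned per byte received: the figure an abuser of spoofed UDP
    queries is after, and the one a minimal-sized answer keeps small."""
    return response_bytes(qname, qtype, transport) / query_bytes(qname)
```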