Re: [dnsoverhttp] [Ext] Caching model

Ben Schwartz <bemasc@google.com> Tue, 31 October 2017 01:40 UTC

In-Reply-To: <CABkgnnVGLYLZ=wgQr0540xQJTCELhZFCpAvkQPiWLLX65qY++w@mail.gmail.com>
References: <CABkgnnU_5Q6BOxf+HzpuCSkb8OG5i0sgqyF9UEr9VRyDvd5s7w@mail.gmail.com> <1AC5B9DB-3439-4CE5-97D0-993411E131EF@icann.org> <CABkgnnUEhJ2x5FcFKuyiri8=ZirDz9PaBD8MsHPoMD0O2Wjgiw@mail.gmail.com> <480066BC-A3D7-425F-A306-F2DB2CFA7AFA@icann.org> <CABkgnnVGLYLZ=wgQr0540xQJTCELhZFCpAvkQPiWLLX65qY++w@mail.gmail.com>
From: Ben Schwartz <bemasc@google.com>
Date: Mon, 30 Oct 2017 21:40:02 -0400
Message-ID: <CAHbrMsCLR6rT0ktkREsftmsgx=CdgC=ZJQVQ35zMUp834o6a4Q@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: Paul Hoffman <paul.hoffman@icann.org>, "dnsoverhttp@ietf.org" <dnsoverhttp@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsoverhttp/RIMCuwbNe5gtdY4qLb1RknLSo_g>
Subject: Re: [dnsoverhttp] [Ext] Caching model

This is not the working group list!

Conveniently that means that I am not chair here, so I can have opinions.

I like the idea of zeroing out the TTL on the wire, and converting the TTL
into an HTTP Expires header.  If the client is using HTTP caching, it can
leave the TTL at zero.  Otherwise, it should reconstitute the DNS TTL from
the Expires header.

On Mon, Oct 30, 2017 at 9:33 PM, Martin Thomson <martin.thomson@gmail.com>
wrote:

> On Tue, Oct 31, 2017 at 1:12 AM, Paul Hoffman <paul.hoffman@icann.org>
> wrote:
> > Are you saying that the DNS API client might be keeping its own cache
> > with timeouts?
>
> Well, my DNS library does today.  We might do as Mark suggests, and
> take steps to disable that, but that might not be the easiest way to
> integrate DOH into an existing stack.  If I wanted to retrofit my
> operating system so that gethostbyname() used HTTPS, then that is
> (apparently) possible by replacing the protocol-y bits of the code.
> But it might be too disruptive to disable caching.  Maybe someone who
> has had hands on there can speak to that.
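The TTL-to-Expires conversion proposed at the top of this message, sketched as an added example that is not part of the original e-mail or of any DOH draft. It assumes a single Expires value carries the smallest TTL in the response; the function names and the sample message are constructed for illustration.

```python
import struct
from email.utils import formatdate, parsedate_to_datetime

def _skip_name(msg, off):
    """Return the offset just past the domain name starting at off."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        off += 1 + n
        if n == 0:                # root label ends the name
            return off

def ttl_offsets(msg):
    """Byte offsets of every real TTL field in a DNS message."""
    qd, an, ns, ar = struct.unpack_from("!4H", msg, 4)
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4          # QTYPE + QCLASS
    found = []
    for _ in range(an + ns + ar):
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        if rtype != 41:                         # OPT reuses the TTL field for flags
            found.append(off + 4)
        off += 10 + rdlen
    return found

def _set_ttls(msg, ttl):
    out = bytearray(msg)
    for o in ttl_offsets(msg):
        struct.pack_into("!I", out, o, ttl)
    return bytes(out)

def server_encode(msg, now):
    """Zero the wire TTLs; carry the lifetime in Expires (assumption: smallest TTL)."""
    ttls = [struct.unpack_from("!I", msg, o)[0] for o in ttl_offsets(msg)]
    lifetime = min(ttls, default=0)
    return _set_ttls(msg, 0), {"Expires": formatdate(now + lifetime, usegmt=True)}

def client_decode(wire, headers, now):
    """For a client with its own DNS cache: rebuild TTLs from Expires."""
    expires = parsedate_to_datetime(headers["Expires"]).timestamp()
    return _set_ttls(wire, max(0, int(expires - now)))

# Constructed sample: response for example.com with two A records, TTL 300 and 60.
_Q = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
_RR = lambda ttl, ip: b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(ip)
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0) + _Q
          + _RR(300, [192, 0, 2, 1]) + _RR(60, [192, 0, 2, 2]))
```

A client that relies on the HTTP cache would use the zero-TTL body as received; only a client feeding its own DNS cache needs `client_decode`.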