[dnssd] Re: WGLC for draft-ietf-dnssd-multi-qtypes
Ray Bellis <ray@bellis.me.uk> Mon, 07 July 2025 08:50 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/EiUU0yB0kY7ikijeUq1LgY5TG_U>
On 2025/06/16 23:41, tojens.ietf@gmail.com wrote:

> (1) It seems to go without saying, but Section 3.3 for Client
> Response Processing never actually says that clients MUST/SHOULD NOT
> cache record types it receives that it didn't request. Should we? It
> seems like an attack vector if we are treating this response as the
> set as if every type was the QTYPE. This is expected for meta types,
> but in the case of querying for {AAAA, SVCB}, no client would expect
> A records to come back which could be cache poisoning for a name
> that was intended to be IPv6-only.

Responses *often* contain records that were not for the specific type
requested, e.g. CNAME chains, NSEC records, etc.

There's also the example of proposals such as SRV automatically
returning the A / AAAA records associated with the hostnames in the SRV.

I'd have to defer to an actual implementor, but I expect the normal
implementation would be for a resolver to look in the question section
for the types it actually asked for, any other records that are
necessary for the answer, and ignore any others.

I'm therefore unsure how to handle this one, if at all.

> (2) The security considerations section acknowledges the
> amplification attack this could enable, but it does not mention what
> Section 3.3's first bullet says about the server choosing to not
> process a request because it had too many types. I think it should
> in the spirit of giving obvious advice to implementors as it is
> currently implied but not stated. In fact, Section 3.2.2's
> normatives don't leave much room for an RFC novice to read "but you
> can also choose to defend against complex queries" from it.

I've added this text to the Security Considerations:

"Implementors SHOULD allow operators to configure limits on the number
of QTx values specified and/or the resulting response size."

I've also updated the draft to include the new IANA registrations.

Ray
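A sketch of the two mechanisms discussed above, as an added example that is not part of the thread or of the draft: on the client side, accept only the RRsets whose type was actually asked for (primary QTYPE plus the QTx values) and owned by a name on the CNAME chain from QNAME, keeping the CNAME links needed to get there and ignoring everything else (so an unrequested A RRset in an {AAAA, SVCB} answer never reaches the cache); on the server side, the operator-configurable limit on the number of QTx values and on response size. The (owner, rtype, rdata) record model, the `extra_qtypes` field standing in for the option contents, the limits of 4 types and 1232 bytes, the crude size estimator and the sample RRsets are all assumptions made for the illustration, not the draft's encoding or any resolver's code.

```python
# Added illustration, not code from the draft or from any resolver.
# Records are modelled as (owner, rtype, rdata) tuples; the wire format and
# the EDNS option encoding are deliberately not modelled.  Authority-section
# records (NSEC/NSEC3 proofs) are out of scope here; only the answer section
# is filtered.
from dataclasses import dataclass

MAX_CNAME_HOPS = 8  # assumed cap on CNAME chain length (loop protection)


@dataclass(frozen=True)
class Question:
    qname: str
    qtype: str                 # primary QTYPE from the question section
    extra_qtypes: tuple = ()   # QTx values (assumed stand-in for the option)

    def requested(self):
        return {self.qtype, *self.extra_qtypes}


def cname_chain(qname, answer):
    """Names reachable from QNAME by following CNAME records in the answer
    section, in order, capped at MAX_CNAME_HOPS and stopping on a loop."""
    chain, cur = [qname.lower()], qname.lower()
    for _ in range(MAX_CNAME_HOPS):
        targets = [rd.lower() for own, rt, rd in answer
                   if own.lower() == cur and rt == "CNAME"]
        if not targets or targets[0] in chain:
            break
        cur = targets[0]
        chain.append(cur)
    return chain


def filter_answer(q, answer):
    """Client side: split the answer section into (accepted, ignored).

    Accepted: records owned by a name on the CNAME chain whose type was
    requested (primary QTYPE or a QTx value), the CNAME links themselves,
    and RRSIGs over those names.  Ignored: everything else, e.g. an
    unrequested A RRset or records for names off the chain.  Only the
    accepted list should ever be cached.
    """
    wanted = q.requested() | {"CNAME", "RRSIG"}
    chain = set(cname_chain(q.qname, answer))
    accepted, ignored = [], []
    for rec in answer:
        owner, rtype, _ = rec
        keep = owner.lower() in chain and rtype in wanted
        (accepted if keep else ignored).append(rec)
    return accepted, ignored


def estimated_size(recs):
    """Crude wire-size estimate (assumption): uncompressed owner name plus
    the 10 fixed bytes of TYPE/CLASS/TTL/RDLENGTH plus the rdata text."""
    return sum(len(owner) + 10 + len(rdata) for owner, _, rdata in recs)


def build_answer(q, rrsets, max_qtx=4, max_bytes=1232):
    """Server side: answer the primary QTYPE and as many extra QTYPEs as the
    operator-configured limits allow (max_qtx and max_bytes are assumed
    knobs).  If the QTx list is longer than max_qtx the option is not
    processed and only the primary type is answered; otherwise extra RRsets
    are added in the requested order until the size budget would be
    exceeded.  rrsets maps rtype -> list of (owner, rtype, rdata)."""
    answer = list(rrsets.get(q.qtype, []))
    extras = q.extra_qtypes if len(q.extra_qtypes) <= max_qtx else ()
    for rtype in extras:
        rrset = rrsets.get(rtype, [])
        if estimated_size(answer) + estimated_size(rrset) > max_bytes:
            break
        answer.extend(rrset)
    return answer


# Constructed sample: a client asked for {AAAA, SVCB} on www.example.net.
SAMPLE_Q = Question("www.example.net.", "AAAA", ("SVCB",))
SAMPLE_ANSWER = [
    ("www.example.net.",   "CNAME", "host.example.net."),
    ("host.example.net.",  "AAAA",  "2001:db8::1"),
    ("host.example.net.",  "SVCB",  "1 . alpn=h2"),
    ("host.example.net.",  "RRSIG", "AAAA 13 3 300 (constructed)"),
    ("host.example.net.",  "A",     "192.0.2.1"),      # not requested
    ("other.example.net.", "AAAA",  "2001:db8::2"),    # not on the chain
]

if __name__ == "__main__":
    accepted, ignored = filter_answer(SAMPLE_Q, SAMPLE_ANSWER)
    print("accepted:", accepted)
    print("ignored: ", ignored)
```

The CNAME handling is what keeps the client-side rule from rejecting legitimate answers: the A record is dropped not because A is "bad" but because nobody asked for it, while the CNAME at the QNAME is kept because the requested AAAA and SVCB RRsets are unreachable without it. The server-side function shows the two knobs from the added Security Considerations text as separate decisions: a QTx count over the limit disables the option entirely, while the byte budget just stops adding extra RRsets.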