IETF Logo Mail Archive

Re: [dnssd] SRP deletes?

Michael Richardson <mcr+ietf@sandelman.ca> Sat, 24 August 2019 23:41 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1993F1200D6 for <dnssd@ietfa.amsl.com>; Sat, 24 Aug 2019 16:41:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NzKw2sYo9B2E for <dnssd@ietfa.amsl.com>; Sat, 24 Aug 2019 16:41:53 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4C98120074 for <dnssd@ietf.org>; Sat, 24 Aug 2019 16:41:53 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 27F7738191; Sat, 24 Aug 2019 19:40:48 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 5FA5D14; Sat, 24 Aug 2019 19:41:51 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Ted Lemon <mellon@fugue.com>
cc: DNSSD <dnssd@ietf.org>
In-Reply-To: <022060C3-45D1-4D36-8AC9-C582E4C29479@fugue.com>
References: <022060C3-45D1-4D36-8AC9-C582E4C29479@fugue.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 24.5.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Sat, 24 Aug 2019 19:41:51 -0400
Message-ID: <13320.1566690111@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/SoJ9cSgP5WRaMcymIQXiByXcYxg>
Subject: Re: [dnssd] SRP deletes?
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 24 Aug 2019 23:41:56 -0000

Ted Lemon <mellon@fugue.com> wrote:
    > I’ve been hacking on an SRP mDNS proxy, and I realized that we didn’t
    > actually specify a mechanism whereby a service can delete itself when
    > it goes away.  This means that once an advertisement is present, it
    > will be present until it expires.

If it's not a cool/useful name, then perhaps, who cares?

    > This isn’t how regular mDNS works: with regular mDNS, if the service
    > isn’t there anymore, it’s not advertised anymore, and indeed if there
    > is a clean shutdown, mDNSResponder will send a “goodbye” packet to let
    > any consumers of the service know that it’s not there anymore.   I
    > don’t really know how often it will be the case that there will be a
    > clean shutdown in an SRP client, but it seems to me that it’s probably
    > correct to specify this.

It seems that deleting an entry comes with more security risk that creating
them.  But, we have DNSSEC signatures, so it shouldn't be much of a problem.

    > What do people think about this?

    > Also, at present one of the characteristics of FCFS naming is that KEY
    > records are kept longer than other records, so that the name can be
    > held even when the service is not available.   So I’m thinking that a
    > service delete would generally leave the KEY record alone.

So, delete removes the name, but not the KEY RR, so the name can be reclaimed
much easier, and nobody else can take the name until it expires.

Are there two forms of delete then?  One of which deletes the KEY RR so that
it can be claimed by another.  Consider replacing the "printer".

If not that, then is there a mechanim where the new "printer" can put itself
in line to claim "printer" when the old holder expires. Until then, it is
printer-02 or some such?  The point is to facilitate the user who wants it
called "printer", but the old device is not quite gone yet.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email