Re: [dnssd] Please review substantive changes to Update Lease
Tim Wicinski <tjw.ietf@gmail.com> Thu, 02 February 2023 23:05 UTC
Return-Path: <tjw.ietf@gmail.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54A55C15152F for <dnssd@ietfa.amsl.com>; Thu, 2 Feb 2023 15:05:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gyvcx6JygQXq for <dnssd@ietfa.amsl.com>; Thu, 2 Feb 2023 15:05:05 -0800 (PST)
Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ED4E1C151527 for <dnssd@ietf.org>; Thu, 2 Feb 2023 15:05:04 -0800 (PST)
Received: by mail-ej1-x634.google.com with SMTP id hx15so10472016ejc.11 for <dnssd@ietf.org>; Thu, 02 Feb 2023 15:05:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=cM/Wez8vDqr212MTX2nUoO3F9p9sDoUT6ZxgwLLdbaY=; b=em5gRmzy6QTVh3TlnrAAoEh/Szjr/yd58ctBmDLp4HqjS/Qd3PdByKNAigW0ywUjzX Lz5csn2FIDtmxiEaUtPQxH1hVGXu8xHzPp2ih4DHI4yu1QjSZwNE+tT9gI07teAgcQEZ kth+1vGlbsE1I79nS8MRfeU+BTsFrryhqE2IaMXylRRrojUXuubPGucblkqqrctXxA84 Y4oIWdmV8HZqKb2KaS5gJxpaZuw/F3DBKiitXf3QJNMw7vZh3WR0Idj3iujsR8rhMy7r bXa5/zPjsPlsg6Jmkz9zt8h0NfD8KAFEC4JREfN1r+wNWglZGRWFQZVEQs1WyBdSznG5 HvPA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=cM/Wez8vDqr212MTX2nUoO3F9p9sDoUT6ZxgwLLdbaY=; b=Ru14HD/lu+VYPlA5wdkRhTBAR9dndqGCb59u+QIMDB2EZsQrfWDADP54rCFQQnzZIj M7HXVfsU/bSHAXK7V2+H4tlEDW/yGQU+IFiU8z7GF1NAVCKSFaoG4PkF7nzpDJGQ+GIx mScf2aCcCdPwcM6581rRMJfFv/+TScTb3FuN0cAf+x6W7q0cBWpyiVlZzEN/QP4RTCOU lUw7Sag8sR0F26PcG1n+uI3DR7J8/x5P/FAc+wu8O357EtFssddeevPztYnp52fnE0a7 YQcNKqW/QGJh/wdv8x9Emkbc/mt4VVe/FLPhM+UJOJawQN36ZIdCTE3Wcpa77O2fKyc4 2B/A==
X-Gm-Message-State: AO0yUKWPt0EPAmZEsBGNyn7XQzSRtnqAc8KZ0Fbb4nVZD6OyJg0D/rwX d4G5P1yPMznoS1FFLEuOqZa+6YgGRXe8HgDWXpQ=
X-Google-Smtp-Source: AK7set+EvgoD9qZzYjkZsxEDTHkGBJL0EZgXbmSkzhUncKk66ZxZbcRoamNq6Ix1oFX7tNmQGNythBTU3tOkM/chwfk=
X-Received: by 2002:a17:907:9917:b0:878:5f93:e797 with SMTP id ka23-20020a170907991700b008785f93e797mr1982639ejc.4.1675379103375; Thu, 02 Feb 2023 15:05:03 -0800 (PST)
MIME-Version: 1.0
References: <CAPt1N1mZ9+o5vZ3Ut7RH6hdQgQsQqxz36uvyT+7H7GFPyHz1Fg@mail.gmail.com> <CACJ6M179+Rf+Qw-t7P+xKNQeRYcfRma_YRyT3Ayy-Osu8rcgsQ@mail.gmail.com> <CADyWQ+F1-nj5dx7bEAWkUQ9TmNf9pLCQccERi9YzLAiyyQqycw@mail.gmail.com> <CAPt1N1n0FgHzEA=cj_rK_-AEzRzwAsV95-Wrv5gcawbsyspR=g@mail.gmail.com> <CAPt1N1kfQ4wVyLTs0+-5xxCi-pxJJtwDmVnrGVpasWTr0G3+rQ@mail.gmail.com>
In-Reply-To: <CAPt1N1kfQ4wVyLTs0+-5xxCi-pxJJtwDmVnrGVpasWTr0G3+rQ@mail.gmail.com>
From: Tim Wicinski <tjw.ietf@gmail.com>
Date: Thu, 02 Feb 2023 18:04:51 -0500
Message-ID: <CADyWQ+FNOZsN49NcHKXhcQUnp8bJPrPqC=R05wRpOPSKmXi3Gg@mail.gmail.com>
To: Ted Lemon <mellon@fugue.com>
Cc: Chris Box <chris.box.ietf@gmail.com>, dnssd <dnssd@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000052267105f3bf98ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/VCerC8-L8TQDGN5FDpyLaDjBbHI>
Subject: Re: [dnssd] Please review substantive changes to Update Lease
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Feb 2023 23:05:09 -0000
Aha Ted - you mean here https://github.com/dnssd-wg/draft-ietf-dnssd-update-lease/issues (I'm a little slow sometimes) On Thu, Feb 2, 2023 at 6:01 PM Ted Lemon <mellon@fugue.com> wrote: > I have added issues in the tracker for the points that you and Chris have > raised. > > On Thu, Feb 2, 2023 at 2:51 PM Ted Lemon <mellon@fugue.com> wrote: > >> On Thu, Feb 2, 2023 at 2:40 PM Tim Wicinski <tjw.ietf@gmail.com> wrote: >> >>> When sending an initial update, the requestor MUST delay the initial >>>>> transmission by a random amount of time across the range of 0-3000 >>>>> milliseconds, with a granularity of no more than 10 milliseconds. This >>>>> prevents synchronization of multiple devices of the same type at a site >>>>> upon recovery from a power failure. This requirement applies only to the >>>>> initial update on startup: since renews include a random factor as well, >>>>> any synchronization that occurs after such an event should quickly >>>>> normalize. >>>> >>>> >>>> My personal thought on this, wearing no hats, is to wonder how >>>> realistic is 10ms accuracy for a low-power device? I understand the >>>> rationale, which is to permit 300 different slots in which the transmission >>>> could occur. However I wonder if the granularity ought to be a softer >>>> requirement. Views from implementers needed. >>>> >>> >>> I figure folks are also considering the more and more movement to PTP on >>> devices in general. >>> >> >> What does "PTP" stand for? >> >> >>> This sentence seems wonky: >>> >>> If the requestor uses UDP, the requestor MUST NOT coalesce Refresh >>> messages if doing so would cause truncation of the message; >>> in this case, the requestor should either send multiple messages should >>> use TCP to send the entire update at once. >>> >>> Maybe "or should use TCP to send the entire update"? >>> >> >> Grammar is hard. >> >> >>> Finally, section 8's security considerations are rewritten and greatly >>>> expanded. The commit was >>>> https://github.com/dnssd-wg/draft-ietf-dnssd-update-lease/pull/19/files >>>> . >>>> >>>> Section 8 <https://rfc-editor.org/rfc/rfc2136#section-8> of [RFC2136 >>>>> <https://www.ietf.org/archive/id/draft-ietf-dnssd-update-lease-04.html#RFC2136>] >>>>> describes problems that can occur around DNS updates. Servers implementing >>>>> this specification should follow these recommendations. >>>>> Several additional issues can arise when relying on Update Lease. >>>>> First, a too-long lease time is not much different than no lease time: the >>>>> records associated with this lease time will effectively never be cleaned >>>> >>>> >>> "Several additional issues can arise when relying on Update Lease." >>> >>> could this be "when relying on an Update Lease"? >>> >> >> Hm, maybe so. I was referring to the document, but that's probably not >> correct. >> >> >>> up. Servers implementing Update Lease should have a default upper bound >>>>> on the maximum acceptable value both for the LEASE and KEY-LEASE values >>>>> sent by the client. Servers MAY provide a way for the operator to change >>>>> this upper limit. We recommend that the default values for these limits >>>>> should be 24 hours and 7 days, respectively. >>>>> The second issue is that a too-short lease can result in increased >>>>> server load and a failure to persist data subject to such a short lease. >>>>> Servers implementing Update Lease MUST have a default minimum lease >>>> >>>> >>> This sentence reads odd to me (but this could be me). >>> >>> The second issue is that a lease which is too short can result in >>> increased server load and a failure to persist data for such a lease. >>> >> >> OK. >> >> Key management strategy is out of scope for this document, however. >>> >>> Can we drop the "however"? It just is. >>> >> >> Be or be not. There is no try. >> >> thanks for grinding this out Ted >>> >> >> :) >> >
- [dnssd] New version of Update Lease Ted Lemon
- [dnssd] Please review substantive changes to Upda… Chris Box
- Re: [dnssd] Please review substantive changes to … Ted Lemon
- Re: [dnssd] Please review substantive changes to … Tim Wicinski
- Re: [dnssd] Please review substantive changes to … Ted Lemon
- Re: [dnssd] Please review substantive changes to … Ted Lemon
- Re: [dnssd] Please review substantive changes to … Tim Wicinski
- Re: [dnssd] Please review substantive changes to … Ted Lemon
- Re: [dnssd] Please review substantive changes to … Tim Wicinski
- Re: [dnssd] Please review substantive changes to … Tim Wicinski
- Re: [dnssd] Please review substantive changes to … Ted Lemon