IETF Logo Mail Archive

Re: [dnssd] WGLC for draft-ietf-dnssd-update-lease

Ted Lemon <mellon@fugue.com> Wed, 12 October 2022 13:42 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13824C14F6E7 for <dnssd@ietfa.amsl.com>; Wed, 12 Oct 2022 06:42:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.905
X-Spam-Level:
X-Spam-Status: No, score=-6.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20210112.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KCjRbTvHCfh4 for <dnssd@ietfa.amsl.com>; Wed, 12 Oct 2022 06:42:44 -0700 (PDT)
Received: from mail-yb1-xb34.google.com (mail-yb1-xb34.google.com [IPv6:2607:f8b0:4864:20::b34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 27632C14F607 for <dnssd@ietf.org>; Wed, 12 Oct 2022 06:42:44 -0700 (PDT)
Received: by mail-yb1-xb34.google.com with SMTP id r3so5344027yba.5 for <dnssd@ietf.org>; Wed, 12 Oct 2022 06:42:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20210112.gappssmtp.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=SDXPuUoIwGS0LpPl8TO9Zzc0hTNeNKTgqXPX8YsLcdc=; b=kpXbAjy1sXuCfC6SEvBUgfDs5WbSfp/poIK3dcg66qOYXXI/SnjTiprXtbpjwLWZjS sureuWtBP1bMeg75f3Xrs5aFVKixU/i8VFv0jwL3w5oF9l7juaJLPYJNDkiI/rRAvq7L sN2m4gdUZqmYkIN3pVWnHEbHeoznpCeljEk28qKJGmPNeYeIyiZzERTsaT+/iwXCAMG/ UervniNmT4yb18oFEnOa+ycGTO4ilULHj685tjNZRZpesw0BscJtCi1auheHPn68D9Un BEv+jjYMCBW8J1KesjSsbAP17Q7rolgzHsEz7iBYnEcO6E4Pc/Yc7PcUMYBvqNXFjV91 Yg5g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=SDXPuUoIwGS0LpPl8TO9Zzc0hTNeNKTgqXPX8YsLcdc=; b=1dlLDuKrG3Ik5jCameCsfw/S6MErxWoH/uDNfgo5F4YprZukGlI+gur85ZzPSFUumH UrEQE9GnkuLROD5Uq5dgC7GGoerabkJXV+K37iGjn/+A0GMduTs43n2qf6859BQ5nmEh YN7VB3hYoKT8qIrsWToNm3xY4SdPdBthRY9Pvnch9bnexWiFk7wmnuty9UsOT3/lVQZB 0G6+65+g46f8G2UATj6IMCJe0f1yAVIADNZ316A395aZQeW9pYmkua33IIJyyH98FHE+ HsHdxvEzCj6Hew3RE7QEVVyBliXEaxgPaNHYoG5gYj6DVePACWw7/c88KOe6DLebq5nL iKJw==
X-Gm-Message-State: ACrzQf12lfI5iEhJart8Ir9j7Bkb4pPOKBXlnzw6x9/D7weR7uqUDu/k cEWheZkkJi1Sg2SZJ/ts5n1aikPC34qJulIj5jM8Ww==
X-Google-Smtp-Source: AMsMyM4UccKhtO+yriCcCj235I+yhEDHXpsLUjyDlfqT/gxkzKBmhWfyx06UUO9kgC61sfIwQOxQyQX5V6NESX04nwE=
X-Received: by 2002:a25:3c04:0:b0:6bf:e137:6882 with SMTP id j4-20020a253c04000000b006bfe1376882mr21681080yba.142.1665582162703; Wed, 12 Oct 2022 06:42:42 -0700 (PDT)
MIME-Version: 1.0
References: <CAPDSy+60hp4P2PKzkkwoP+fqG5ECrNAN_Wqzjkx8Gz6N2Ljdkg@mail.gmail.com> <DU0P190MB1978D98964F8B3CA948C4804FD6C9@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM> <CAPt1N1=YFz0iWWsHaJ9KzTrguQPis8xe8krPTtzW4r8OC9KL4A@mail.gmail.com> <DU0P190MB1978FBA6F4A5CEFCA10650A0FD229@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM>
In-Reply-To: <DU0P190MB1978FBA6F4A5CEFCA10650A0FD229@DU0P190MB1978.EURP190.PROD.OUTLOOK.COM>
From: Ted Lemon <mellon@fugue.com>
Date: Wed, 12 Oct 2022 09:42:06 -0400
Message-ID: <CAPt1N1k+gnd2wLjdxATp-oUZmiF2Mn87GxqpvX5mp1O01S4HyQ@mail.gmail.com>
To: Esko Dijk <esko.dijk@iotconsultancy.nl>
Cc: David Schinazi <dschinazi.ietf@gmail.com>, DNSSD <dnssd@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000270cf205ead691b7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/pZ5JLpOZP5mffPBH32KMTx-1VO4>
Subject: Re: [dnssd] WGLC for draft-ietf-dnssd-update-lease
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2022 13:42:48 -0000

Yeah, theoretically it's possible that there are servers out there that
don't support 8-byte, but there's no way to make them work with clients
that send 8-byte values, and I don't think it's important to allow for
that, since in practice the only server I know of that does that is the one
that comes with mDNSResponder, and I doubt it's in use in a significant
number of installations.

On Wed, Oct 12, 2022 at 9:30 AM Esko Dijk <esko.dijk@iotconsultancy.nl>
wrote:

> Great, the new version resolves all my comments.
>
>
>
> So with the new text the Server has to support receiving either the 4-byte
> or 8-byte variant, and a client could be implemented to only support the
> 4-byte variant (for both send/receive).
>
>
>
> Esko
>
>
>
> *From:* Ted Lemon <mellon@fugue.com>
> *Sent:* Thursday, October 6, 2022 17:06
> *To:* Esko Dijk <esko.dijk@iotconsultancy.nl>
> *Cc:* David Schinazi <dschinazi.ietf@gmail.com>; DNSSD <dnssd@ietf.org>
> *Subject:* Re: [dnssd] WGLC for draft-ietf-dnssd-update-lease
>
>
>
> I've made the following changes based on your comments. I think the right
> thing to do with respect to client and server behavior is to assume that if
> the sender doesn't send the 8-byte variant, it doesn't support it. Your
> suggested behavior is probably better in principle, but what we're
> anticipating here are clients that might be out of date; there's no reason
> for example for a client to send the 4-byte variant if it supports the
> 8-byte variant. Similarly, if the server gets the 4-byte variant, most
> likely the client wouldn't know what to do with the 8-byte variant. If the
> server sends the 4-byte variant, it doesn't support the 8-byte variant.
>
>
>
> diff --git a/draft-ietf-dnssd-update-lease.xml
> b/draft-ietf-dnssd-update-lease.xml
> index 2348c4f..a1bb6d1 100644
> --- a/draft-ietf-dnssd-update-lease.xml
> +++ b/draft-ietf-dnssd-update-lease.xml
> @@ -6,7 +6,7 @@
>       symRefs="true" tocDepth="3" tocInclude="true" xml:lang="en">
>    <front>
>      <title abbrev='Dynamic DNS Update Leases'>
> -      An EDNS0 option to negotiate Leases on DNS Updates
> +      An EDNS(0) option to negotiate Leases on DNS Updates
>      </title>
>
>      <author initials='S' surname='Cheshire' fullname='Stuart Cheshire'>
> @@ -47,7 +47,7 @@
>      <keyword>I-D</keyword>
>      <keyword>Internet-Draft</keyword>
>      <abstract>
> -      <t>This document describes an EDNS0 option that can be used by DNS
> Update requestors and
> +      <t>This document describes an EDNS(0) option that can be used by
> DNS Update requestors and
>        DNS servers to include a lease lifetime in a DNS Update or
> response, allowing a server to garbage collect stale
>        resource records that have been added by DNS Updates</t>
>      </abstract>
> @@ -95,7 +95,7 @@
>
>      <section>
>        <name>Mechanisms</name>
> -      <t>The EDNS0 Update Lease option is included in a standard DNS
> Update message <xref
> +      <t>The EDNS(0) Update Lease option is included in a standard DNS
> Update message <xref
>        target="RFC2136"/> within an EDNS(0) OPT pseudo-RR <xref
> target="RFC6891"/>.</t>
>      </section>
>
> @@ -103,13 +103,13 @@
>        <name>Update Message Format</name>
>        <t>
>        Dynamic DNS Update Leases Requests and Responses are formatted as
> standard DNS Dynamic
> -      Update messages <xref target="RFC2136"/>. This update MUST include
> the EDNS0 OPT RR, as
> -      described in <xref target="RFC6891"/>.  This OPT RR MUST include an
> EDNS0 Option as shown
> +      Update messages <xref target="RFC2136"/>. This update MUST include
> the EDNS(0) OPT RR, as
> +      described in <xref target="RFC6891"/>.  This OPT RR MUST include an
> EDNS(0) Option as shown
>        below.  Note that if a TSIG resource record (<xref
> target="RFC2845"/>) is included to
>        authenticate the update, the TSIG RR MUST appear <em>after</em> the
> OPT RR, allowing the
>        message digest in the TSIG to cover the OPT RR.</t>
>
> -      <t>The Update Lease EDNS0 option is formatted as follows:</t>
> +      <t>The Update Lease EDNS(0) option is formatted as follows:</t>
>
>  <figure align="center" anchor="lease_opt" suppress-title="true"><artwork
> align="center"><![CDATA[
>  Field Name       Field Type   Description
> @@ -170,6 +170,11 @@ KEY-LEASE        u_int32_t    optional desired (or
> granted)
>         Servers MAY return different lease interval(s) than specified by
> the requestor, granting
>         relatively longer or shorter leases to reduce network traffic due
> to Refreshes, or
>         reduce stale data, respectively.</t>
> +        <t>Note that both the 4-byte and 8-byte variant are valid on both
> clients and servers.
> +        If a server receives a 4-byte variant, it MUST respond with a
> 4-byte variant. If a client
> +        sends an 8-byte variant, it MUST accept either an 8-byte variant
> or a 4-byte variant in
> +        the response. If it receives a 4-byte variant, it MUST assume
> that both the key lease and
> +        update lease values are the same on the server.</t>
>        </section>
>      </section>
>
> @@ -200,7 +205,7 @@ KEY-LEASE        u_int32_t    optional desired (or
> granted)
>
>         <t>The Update Lease option in a Refresh contains the desired new
> lease on Requests, and
>         the actual granted lease on Responses. The LEASE interval
> indicated in the Update Lease
> -       option applies to all resource records in the Update section,
> except that if a KEY-LEASE
> +       option applies to all resource records in the Update section of
> the Refresh request, except that if a KEY-LEASE
>         interval is included as well, that interval applies to any KEY
> records included in the
>         Update section.</t>
>        </section>
> @@ -209,7 +214,7 @@ KEY-LEASE        u_int32_t    optional desired (or
> granted)
>         <name>Requestor Behavior</name>
>
>         <t>A requestor that intends that its records from a previous
> update, whether an initial
> -       update or a Refresh, MUST send a Refresh message before the lease
> elapses, or else the records
> +       update or a Refresh, remain active, MUST send a Refresh message
> before the lease elapses, or else the records
>         will be removed by the server.</t>
>
>         <t>Requestors SHOULD Refresh resource records after 75% of the
> original lease has
>
>
>
> On Fri, Aug 19, 2022 at 7:17 AM Esko Dijk <esko.dijk@iotconsultancy.nl>
> wrote:
>
> Hi all,
>
>
>
> I reviewed this document in detail and have only 1 open (technical) issue
> on it, see below.   This is followed by a few minor review comments.
>
> Based on this, I believe the option is quite useful, and the document is
> ready for publication after the open technical issue is resolved by the WG.
>
>
>
> Best regards
>
> Esko
>
>
>
> --- Open issue
>
> 4.2
>
> Based on the stated requirements in 4, a server developer could assume the
> following scenarios are okay:
>
>    - requester sends the basic Option (lease time only), and the server
>    responds with the extended Option (lease / key-lease separately)
>    - requester sends extended Option and the server responds basic Option.
>
> A client developer could assume based on the same text that one or both of
> these scenarios are not okay / prohibited.
>
>
>
> To guarantee interoperability for such cases, we need to say in 4.2 either
> that a server MAY do this, or alternatively that a server MUST NOT do this
> responding with a different option format.  It could be even a rule that
> the server can “lengthen” the Option but not “shorten” it.
>
>
>
> I don’t have a preference on the solution chosen as long as we pick
> something.  Noting that for the client’s point of view, if the server
> always responds with the same Option Format it is simpler to implement.
>
> On the other hand this reduces the flexibility of the server – e.g.
> suppose the client asks for 1 week lease (short Option format) and the
> server can only grant 27 hours LEASE but can grant 2 weeks KEY-LEASE – then
> the server would like to respond with the extended Option format.
>
>
>
>
>
> ---- Minor review comments
>
>
>
> General
>
> EDNS0 vs EDNS(0) – is there a reason for the different spellings?
>
>
>
> 5.1
>
> “The LEASE interval indicated in the Update Lease option applies to all
> resource
>
>    records in the Update section, except that … ”
>
> -> “in the Update section” may be unclear here. There’s an Update section
> in the request, but is there also one in the Response (I assume not
> necessarily )?
>
> -> Easiest here would be to say maybe:
>
> “The LEASE interval indicated in the Update Lease option applies to all
> resource
>
>    records in the Update section of the Refresh request, except that … ”
>
>
>
> 5.2
>
> “A requestor that intends that its records from a previous update,
>
>    whether an initial update or a Refresh, MUST send a Refresh message”
>
> -> grammar error in sentence -that intends what? E.g. is it
>
> -> “A requestor that intends that its records from a previous update,
>
>    whether an initial update or a Refresh, *remain*  *active* MUST send a
> Refresh message”
>
>
>
>
>
>
>
> *From:* dnssd <dnssd-bounces@ietf.org> *On Behalf Of *David Schinazi
> *Sent:* Tuesday, August 9, 2022 00:45
> *To:* DNSSD <dnssd@ietf.org>
> *Subject:* [dnssd] WGLC for draft-ietf-dnssd-update-lease
>
>
>
> Hi DNSSD enthusiasts,
>
>
>
> As promised during our meeting at IETF 114 two weeks ago, we are starting
> a Working Group Last Call (WGLC) for draft-ietf-dnssd-update-lease. As a
> reminder of our timeline, this document was adopted by the DNSSD WG in
> September 2021, folks made comments during that adoption call, and those
> comments were addressed by the authors in July 2022. Additionally,
> progressing this document is required for us to publish
> draft-ietf-dnssd-srp. This WGLC will last for two weeks until 2022-08-22 at
> 23:59 UTC. We're interested in hearing whether folks have read this
> document and think it is ready for publication. We're also interested in
> hearing from folks who think the document isn't ready, or who see issues
> that need to be resolved before publication.
>
>
>
> The latest draft is available here:
>
> https://datatracker.ietf.org/doc/draft-ietf-dnssd-update-lease/
>
>
>
> Please send responses to the DNSSD list as replies to this email.
>
>
>
> Thanks,
>
> David and Chris
>
>

v2.23.0 | Report a Bug | By Email