Re: [Doh] [Ext] DNS Camel thoughts: TC and message size

Patrick McManus <> Thu, 07 June 2018 14:17 UTC

From: Patrick McManus <>
Date: Thu, 7 Jun 2018 16:17:31 +0200
To: bert hubert <>
Cc: Patrick McManus <>, Paul Hoffman <>, DoH WG <>

On Thu, Jun 7, 2018 at 11:36 AM, bert hubert <> wrote:

> On Thu, Jun 07, 2018 at 09:19:06AM +0200, Patrick McManus wrote:
> > it seems possible that this is a property of the default media type not of
> > DoH. e.g. a negotiated json response wouldn't have this kind of limitation.
> > Does that make sense?
>
> Firstly, it is not a media type limitation. It is a question of if we want
> to extend DNS into a territory where it has never been before. The moment
> 100 kilobyte DNS answers become possible, we need to redo a ton of
> software.
>
> This is true if the end transport is JSON or a DNS message wrapped into an
> HTTP response.
I still think that your argument only applies to the *wireformat media

New types mean new parsers. It seems your concerns are about existing
parsers that, by definition, can't parse the new types. So I'm not
concerned about them with new types.

> Before typing a lot more characters on this, can I ask who is actually
> arguing that we need bigger DNS messages?  Who is hurting under the 65536
> byte constraint?  DNS over HTTPS implies that we have access to HTTPS. This
> protocol supports messages as large as you want.
I don't want to constrain what those new types might do based on our
current understanding. For instance, some media types might be very space
inefficient but super efficient to access... and we might fix that on the
wire with an HTTP compression encoding. Heck, maybe they come back as JPEG
visualizations; I'm not here to judge.

If we buy my argument, then we don't so much restrict DoH as note that
the wireformat media types effectively already have this limitation, which
needs to be respected.
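
The distinction argued in this message, sketched as an added example that is not part of the original e-mail or of any DoH implementation: a client-side check that applies the size ceiling only when the HTTP body is DNS wire format and leaves other media types to their own parsers. Assumptions: `application/dns-message` is the wire-format media type name from RFC 8484 as later published; `check_doh_body`, `DohResponseError` and the `application/x-hypothetical-dns+json` type are hypothetical names, and the sample bytes are constructed.

```python
import struct

# Wire-format media type name as registered by RFC 8484 (assumption: the
# thread predates the RFC and does not name it).
WIRE_TYPE = "application/dns-message"
# DNS over TCP frames each message with a 16-bit length prefix, so existing
# wire-format parsers never expect more than 65535 bytes.
MAX_WIRE_LEN = 0xFFFF
HEADER_LEN = 12  # fixed DNS header: ID, flags, four section counts


class DohResponseError(ValueError):
    """Raised when a wire-format body violates the wire-format limits."""


def check_doh_body(content_type: str, body: bytes) -> dict:
    """Apply the size limit only when the body is DNS wire format."""
    media_type = content_type.split(";", 1)[0].strip().lower()
    if media_type != WIRE_TYPE:
        # A new media type brings its own parser and its own limits;
        # the wire-format ceiling is not imposed on it here.
        return {"media_type": media_type, "wire_format": False}
    if len(body) > MAX_WIRE_LEN:
        raise DohResponseError(
            f"wire-format body is {len(body)} bytes, over {MAX_WIRE_LEN}")
    if len(body) < HEADER_LEN:
        raise DohResponseError("wire-format body shorter than the DNS header")
    msg_id, flags, qd, an, ns, ar = struct.unpack("!6H", body[:HEADER_LEN])
    return {
        "media_type": media_type,
        "wire_format": True,
        "id": msg_id,
        "is_response": bool(flags & 0x8000),  # QR bit
        "truncated": bool(flags & 0x0200),    # TC bit
        "rcode": flags & 0x000F,
        "counts": (qd, an, ns, ar),
    }


# Constructed sample: a bare header with QR, TC, RD and RA set, all counts 0.
SAMPLE_TRUNCATED = struct.pack("!6H", 0, 0x8000 | 0x0200 | 0x0100 | 0x0080,
                               0, 0, 0, 0)

if __name__ == "__main__":
    print(check_doh_body("application/dns-message", SAMPLE_TRUNCATED))
    print(check_doh_body("application/x-hypothetical-dns+json", b"{}" * 50000))
```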