Re: [Doh] [Ext] Warren Kumari's No Objection on draft-ietf-doh-dns-over-https-13: (with COMMENT)
Warren Kumari <warren@kumari.net> Wed, 15 August 2018 16:55 UTC
Return-Path: <warren@kumari.net>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 40074131016 for <doh@ietfa.amsl.com>; Wed, 15 Aug 2018 09:55:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qh4fUGlKDVqH for <doh@ietfa.amsl.com>; Wed, 15 Aug 2018 09:55:08 -0700 (PDT)
Received: from mail-wr1-x444.google.com (mail-wr1-x444.google.com [IPv6:2a00:1450:4864:20::444]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DD451131001 for <doh@ietf.org>; Wed, 15 Aug 2018 09:55:05 -0700 (PDT)
Received: by mail-wr1-x444.google.com with SMTP id h14-v6so1674137wrw.13 for <doh@ietf.org>; Wed, 15 Aug 2018 09:55:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4ImMZQ0ldn7Qptx2Gwt/JTveVhM21ZNWByQUZLyeGbY=; b=vrU777lNqneWwVQmeCa78j8x449feQ6cNFfE/217lscxjchIM+uPEi8swd1wBO7JGD Vs9+LHMTkgquBKDosTnSYwpmGN1THa5f132gnUA7h2EGFJpwST/2f8DijWPbK/nrUuGH MKGoxJHMwln8qFjc9gC3sAtd5Mk7wGNPKF2uAA2oPd5xzEolAm9rb/2o89o4c24VzH6G 0fnzSoGJUIASBVoVo1JIxr8mhtgXXMVwQz+ss8g6owjXVKGa63Q0UG2KgEN+rVEkqd6i JKa4UvCfrWvHiqrzFZ/oKJJ1UzH3NXLrXfDrY1NIpoZ4ozorCIc16MC7mBs0+JaJ1OIn lojw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4ImMZQ0ldn7Qptx2Gwt/JTveVhM21ZNWByQUZLyeGbY=; b=fsWLdGxc3+xxDJD/OmvxzHSA4dZ70B5vLPGEIigmI+u0lVpLRviwDXvacdoERzJOPX DyyKZBOUcS+kD1pGP4l5h0ZmVzBGEOvVQa54VdQwIL2Iy/jYNbMHXaUemnm/xvxFxxyx qFjlK6ROniIEYihuefdV+zyRBw08PU9wQWtuSNwyJS1m08YaPtVAIzQDzovewCtL5NrK LXKtZWktRsM73BzE04hYB7ayf38xIshUgZQtDwr/zgLhoPbGD0hOMpPXi/VktHRptfYb IHzOqepZSMMZ3T2Q6h3E6CsZdvIlrIFJQzjS3GKmNhnCuDfnPsQRlgDLusg8ST3t6hk3 cxMw==
X-Gm-Message-State: AOUpUlGpaw3Ygp5SyCvJZKpi1tQ30JCsWeVCUVhpwBpZVMEz1hCE6iNJ YWqzriDh8HbJ/jjQOe72fujxF3CUu/GaBDpGoboE/A==
X-Google-Smtp-Source: AA+uWPxTQaAUrYTKByQZdSEYhxB1T/MDsctf3vE40Uz8bmwYrtX8Mo5Rkq9aqcMsmlwvNtNICiU9fbpnWGSpfMsG04c=
X-Received: by 2002:adf:c44c:: with SMTP id a12-v6mr16791988wrg.20.1534352104033; Wed, 15 Aug 2018 09:55:04 -0700 (PDT)
MIME-Version: 1.0
References: <153435028609.14458.3744003304771066071.idtracker@ietfa.amsl.com> <041E52A4-E854-4D06-A25D-5C50762DCFCF@icann.org>
In-Reply-To: <041E52A4-E854-4D06-A25D-5C50762DCFCF@icann.org>
From: Warren Kumari <warren@kumari.net>
Date: Wed, 15 Aug 2018 12:54:27 -0400
Message-ID: <CAHw9_iLFTgZTXLhfaxJLQNY8N0+5qgLktP6SQzS9ENnob-Kuvw@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-doh-dns-over-https@ietf.org, doh-chairs@ietf.org, DoH WG <doh@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001f1fad05737c3040"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/TOZdX5JP8eSuXYmF8bguEArAry0>
Subject: Re: [Doh] [Ext] Warren Kumari's No Objection on draft-ietf-doh-dns-over-https-13: (with COMMENT)
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Aug 2018 16:55:10 -0000
Woot. Thanks, W On Wed, Aug 15, 2018 at 12:47 PM Paul Hoffman <paul.hoffman@icann.org> wrote: > On Aug 15, 2018, at 9:24 AM, Warren Kumari <warren@kumari.net> wrote: > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > Thank you -- I've been following this work, and so only have a few minor > > comments at this point... > > > > Section 3. Protocol Requirements > > I really think that this section should remain - it is helpful to people > new to > > the technology to understand how and why design decisions were made. If > you are > > not comfortable with it in the body of the document, perhaps it could be > made > > an Appendix. > > We've now heard this from a bunch of the IETF-wide reviewers. Patrick > pointed out earlier that the WG has seen this section as "will be removed" > during the later part of the WG process, and that it was not meant to limit > future work on DoH. Having said that, making it an appendix with some > wording to not limit future work could be nearly harmless. We'll look at > that. > > > Section 5.1. The HTTP Request > > " In order to maximize cache friendliness, DoH clients using media > formats that > > include DNS ID, such as application/dns-message, SHOULD use a DNS ID of > 0 in > > every DNS request." While this should be obvious, as this document is > talking > > about both DNS and HTTP it would be helpful to clarify **which** cache. > > This was already caught by earlier reviewers. Our working copy now says > which cache is being discussed in a more places, including here. > > > Section 6.1. Cache Interaction > > "This requirement helps assure that none of the RRsets contained in a DNS > > response are served stale from an HTTP cache." The wording of this feels > a > > little "clunky", but I don't really have a suggested fix. I also think > that it > > would be helpful if the "served stale" term could be changed, but this > might > > just be because I think of draft-ietf-dnsop-serve-stale when I see that. > > Based on an earlier comment, we made it clear that this was about > unintentionally serving stale. I agree that "stale" is not really the right > word here; RFC 1035 uses "expired", so we can use it here. > > > General: > > You *might* want RFC 8446 instead of 5077, 5246, but I'm not sure. > > Yes, definitely. > > --Paul Hoffman > > -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf
- [Doh] Warren Kumari's No Objection on draft-ietf-… Warren Kumari
- Re: [Doh] [Ext] Warren Kumari's No Objection on d… Paul Hoffman
- Re: [Doh] [Ext] Warren Kumari's No Objection on d… Warren Kumari
- Re: [Doh] [Ext] Warren Kumari's No Objection on d… Rene 'Renne' Bartsch, B.Sc. Informatics