Re: [Doh] [Ext] a tad confused on response sizes

Star Brilliant <m13253@hotmail.com> Tue, 05 June 2018 18:28 UTC

Return-Path: <m13253@hotmail.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D37B11310F3 for <doh@ietfa.amsl.com>; Tue, 5 Jun 2018 11:28:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.875
X-Spam-Level:
X-Spam-Status: No, score=-0.875 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qVBg9nTpsGxj for <doh@ietfa.amsl.com>; Tue, 5 Jun 2018 11:28:22 -0700 (PDT)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-oln040092001089.outbound.protection.outlook.com [40.92.1.89]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8FFFE130934 for <doh@ietf.org>; Tue, 5 Jun 2018 11:28:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IzGj5ejnz/j0TFRKqaV/CTfjkXB0SPdlPtK940HnBa8=; b=jed/KIc6U//G0/cjFWAOZp6zTXYW8I66Rex//C/1yIg/A5rvh0LHD6B0DHy6bX4oB5scgu2Ze2vm2UV3wHeRFWbuPi7iXCqWgXtdQWxD5x8LmGHNbq0Vd9llba8bvVokZsDYGN2794kziQ8n4MHwuHF1XZVP6wbsjhw5QFATkd3QeKMqY9nhwUO0wO/TVmAKh/VgvZIK5G1IlIPib8PhnVLK0Lbvu9oMurfhKyBuaWiaj+nV9WNYZWxK34uf9asuFMR59ndJsRJDNBdZEdBiEe6Cpf8/oxs+KpDdx/3G49ILZzr75cnNwxHs8Vz0tGRex234QR+31c5RKZS+0gAEaQ==
Received: from BY2NAM01FT039.eop-nam01.prod.protection.outlook.com (10.152.68.54) by BY2NAM01HT157.eop-nam01.prod.protection.outlook.com (10.152.68.142) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.841.10; Tue, 5 Jun 2018 18:28:21 +0000
Received: from BYAPR19MB2248.namprd19.prod.outlook.com (10.152.68.53) by BY2NAM01FT039.mail.protection.outlook.com (10.152.68.115) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.841.10 via Frontend Transport; Tue, 5 Jun 2018 18:28:21 +0000
Received: from BYAPR19MB2248.namprd19.prod.outlook.com ([fe80::c536:6718:b509:85cb]) by BYAPR19MB2248.namprd19.prod.outlook.com ([fe80::c536:6718:b509:85cb%4]) with mapi id 15.20.0820.015; Tue, 5 Jun 2018 18:28:21 +0000
From: Star Brilliant <m13253@hotmail.com>
To: "doh@ietf.org" <doh@ietf.org>
Thread-Topic: [Doh] [Ext] a tad confused on response sizes
Thread-Index: AQHT/NdXdt//5ho9S02KYza5xDwOp6RRtiwAgAAIrgCAAAVeAIAABIeAgAAO1QCAAAOGWIAADJIAgAAEt62AAAt4gIAAAOwY
Date: Tue, 05 Jun 2018 18:28:21 +0000
Message-ID: <BYAPR19MB22489076D7E7A6780F78CCF094660@BYAPR19MB2248.namprd19.prod.outlook.com>
References: <20180605120510.GA29047@server.ds9a.nl> <CFEAAD6E-4F9D-4DB5-A362-21775D74F84A@icann.org> <alpine.DEB.2.11.1806051515510.1809@grey.csi.cam.ac.uk> <663E7B21-9107-4A2B-9DEB-E13475A4E5FF@icann.org> <alpine.DEB.2.11.1806051604150.1809@grey.csi.cam.ac.uk> <20180605152355.6tlbeqvt7luklwjl@nic.fr>, <alpine.DEB.2.11.1806051710290.1809@grey.csi.cam.ac.uk> <BYAPR19MB22489BE90FE768BCB13BD40B94660@BYAPR19MB2248.namprd19.prod.outlook.com>, <alpine.DEB.2.11.1806051759430.1809@grey.csi.cam.ac.uk> <BYAPR19MB2248B0ADD763FF82E8C6C2E194660@BYAPR19MB2248.namprd19.prod.outlook.com>, <alpine.DEB.2.11.1806051908040.1809@grey.csi.cam.ac.uk>
In-Reply-To: <alpine.DEB.2.11.1806051908040.1809@grey.csi.cam.ac.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:D43E0B5178C79F8269A2AF98D371B3DA10CE3DC740B4FBC145D1762554E54D2E; UpperCasedChecksum:6E0B4FAD7218478BC128EBED546E3F7D657463C7A4F528A25DF186535EE45E4A; SizeAsReceived:7738; Count:46
x-ms-exchange-messagesentrepresentingtype: 1
x-tmn: [oqW3dR3HNOjbypihdq23o/INEq+hHNd5U6xfGJBCSeGJZKg9EdvDcg==]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BY2NAM01HT157; 7:M2eaDWiWPSB3OLIeK3GX39OSXmaho+2HxaZQP9hpwxf4XGsj338fF/oHarMi+bgtozEJqyYsGbKzzI6wFuuILarTZ2Wp2RraQhlw4NnK8mZsYw20SgPiuYRV+Z8qP5lLF97XtN4DDfuatYYWU+nf8hLFx2gfVqTEV7d4n68entzLlfeNVAgrfWO7iphtbKYVK6Nj8bl9jFp+X6kO81TmUnTObp5HmafkZA2rCliqtyvzs+oZ670U1KOv4gQi8TE8
x-incomingheadercount: 46
x-eopattributedmessage: 0
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(201702061078)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1603101448)(1601125466)(1701031045); SRVR:BY2NAM01HT157;
x-ms-traffictypediagnostic: BY2NAM01HT157:
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(444000031); SRVR:BY2NAM01HT157; BCL:0; PCL:0; RULEID:; SRVR:BY2NAM01HT157;
x-forefront-prvs: 0694C54398
x-forefront-antispam-report: SFV:NSPM; SFS:(7070007)(189003)(199004)(7696005)(229853002)(87572001)(99286004)(20460500001)(6506007)(2900100001)(104016004)(33656002)(6346003)(102836004)(82202002)(76176011)(73972006)(5660300001)(3660700001)(3280700002)(2501003)(446003)(11346002)(5250100002)(83332001)(6246003)(8936002)(97736004)(25786009)(6916009)(106356001)(2351001)(93886005)(105586002)(68736007)(5640700003)(86362001)(6436002)(8676002)(305945005)(46003)(486006)(14454004)(74316002)(81156014)(476003)(1730700003)(9686003)(55016002)(15852004)(42262002); DIR:OUT; SFP:1901; SCL:1; SRVR:BY2NAM01HT157; H:BYAPR19MB2248.namprd19.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:;
received-spf: None (protection.outlook.com: hotmail.com does not designate permitted sender hosts)
authentication-results: spf=none (sender IP is ) smtp.mailfrom=m13253@hotmail.com;
x-microsoft-antispam-message-info: 9Pv5jkWIsPRKdRglijjFRoAKg5h84ino13onZGtJMbhqpNUK/jlsUYvZelm/rtzSXenIXJOEzEJzXdSXomjqZo7EqV9BmPtzqPd3NgP6jbp70usWCh7Ol3Vy+vZ7hb4DYfzeD+NI8I8s30f7gEwtQuUk9mBcDJAPpoCQ/x1phfyNDdidYpsTs8Ycd9fMq11e
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: ef77a330-b1c4-4e42-bc2b-08d5cb121de3
X-OriginatorOrg: hotmail.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: c001924d-3e68-4f40-89c2-901a49278da7
X-MS-Exchange-CrossTenant-Network-Message-Id: ef77a330-b1c4-4e42-bc2b-08d5cb121de3
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: c001924d-3e68-4f40-89c2-901a49278da7
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Jun 2018 18:28:21.3426 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2NAM01HT157
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/bvkvSSSYZvfEJSV9eVSE_7RVHGM>
Subject: Re: [Doh] [Ext] a tad confused on response sizes
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jun 2018 18:28:24 -0000

Tony Finch <dot@dotat.at> wrote:

> In many cases, the DoH client will be embedded in an application as an
> alternative to a traditional stub resolver, so it doesn't have a
> downstream that can retry.

I think the problem is simpler when you state your application scenario.

In my opinion (other people may disagree with me), you could just treat a DoH response with TC as a resolve error and give the user a "network error" screen.

In other words, a DoH with TC bit can happen, and that's a common error. (Not as common as an unplugged network cable, but actually happens really frequently on a busy recursion server.)

And TC bit needed to be passed all along the way through bouncers/proxies/SLBs to the user's application, because errors should not "silently fail".


> My DoH server is a proxy that talks to a full-service resolver that I
> control.

That's good to know. Thanks.