Re: [Doh] [DNSOP] Fwd: New Version Notification for draft-ietf-dnsop-dns-wireformat-http-02.txt
Bob Harold <rharolde@umich.edu> Thu, 22 March 2018 17:04 UTC
Return-Path: <rharolde@umich.edu>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C492312711A for <doh@ietfa.amsl.com>; Thu, 22 Mar 2018 10:04:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umich.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YeYcWoW5NWLC for <doh@ietfa.amsl.com>; Thu, 22 Mar 2018 10:04:44 -0700 (PDT)
Received: from mail-lf0-x230.google.com (mail-lf0-x230.google.com [IPv6:2a00:1450:4010:c07::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5302D12704A for <doh@ietf.org>; Thu, 22 Mar 2018 10:04:44 -0700 (PDT)
Received: by mail-lf0-x230.google.com with SMTP id v207-v6so14256630lfa.10 for <doh@ietf.org>; Thu, 22 Mar 2018 10:04:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umich.edu; s=google-2016-06-03; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=i8NYIl9jNr4b+HnuNupo/BFBGPHp7WH3p8IutNzTCQo=; b=LRuzS3sokvA0E54Er6JOE1jnY7zoC7n9DegTYcRKt6c9Tfp6gn0AKJ9XBQg0T10YVZ y/lYsSPNnzPBzouwXAhKDCNoSG0MMfflJ9yMKX0X6CtReAfCKjAF0wkvNuBmWKVImFWy 59uA8Nd/taX7J4d2WFe30DGYI+zyLYOFCHFr5vlE+ZgByi9LJUeV2ZKvsf+foS00bQ5n abbgw+7FXsociC6mt/hYGzQKPjpI9A1SIzIJ1a6rSjRGAhZNqCw8o931XOm4tgfjBfmy 4MIjVfJAUnFESNsV10rm836MvKrXtvaL+QfVFMNCB4UHJCQUEHWgY6TgoOitYb9xOsWk 12lw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=i8NYIl9jNr4b+HnuNupo/BFBGPHp7WH3p8IutNzTCQo=; b=Q1GcwG1OWQpB+ObvjQmKDt+Vb92kkCiKEAzm2PxTH6RfVyudavP9r3RQ8+L6cNjamG hnhgdVTNJ568SYovhrOU8BQwICitSZAGOYTZ4TyNHjSyLx7ZA+cNi7+cFeAi74Trkt5T N/WfmEIhO7s8EkvxAziOl8+Gba3YU3gulsfkbQkK8Bm54zeNE6x8z9017iUqiq6Wpvl1 1hY3jvGPZJcX2dt0n4Jw1xAdwxeoWpbBKXAq755Lua7KzylbXGh0JzO25LNpovAdw/ze kcoqU3mzSLPtOHDKATt5qcL9kNc7NjJ2/YrMQDVtXSzGgSDFkGQGycQIS2ST4oICryAw DR+A==
X-Gm-Message-State: AElRT7EVSbyYGmH8JQLXeRMsVNhbSNy7YiHg9LIiddH5J265fsrjhF6L Esvwu3GQWHKjmyaMnarHAIkpRE1eaEXWlsx9tn6mnAc3
X-Google-Smtp-Source: AG47ELtfwK7OXXfLU6ah3CCSXtf1buB3ZghQ5hfrsDloGrqa1Opx5N21sn4UUWifA4kqS9OYrqXq/b+aPnm5y333vTo=
X-Received: by 10.46.127.30 with SMTP id a30mr2340046ljd.93.1521738282487; Thu, 22 Mar 2018 10:04:42 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.46.155.140 with HTTP; Thu, 22 Mar 2018 10:04:41 -0700 (PDT)
In-Reply-To: <23219.56569.2064.711002@gro.dd.org>
References: <152168039295.5550.9572034766968749020.idtracker@ietfa.amsl.com> <CAAObRXLm3c-p9rZkn6H6tcEoh3-UT5JW06NXQ_FMyyr2NFMmyw@mail.gmail.com> <23219.33838.166003.614689@gro.dd.org> <CAAObRX+xF5SwVd3x3iXSWd-A0Kpr_ubbOJzn0yTrSk8pc+tm6Q@mail.gmail.com> <23219.56569.2064.711002@gro.dd.org>
From: Bob Harold <rharolde@umich.edu>
Date: Thu, 22 Mar 2018 13:04:41 -0400
Message-ID: <CA+nkc8ANQh2wAr6==eNuM82mbD+E2ELzHGizdqF_sGdY-kkOqg@mail.gmail.com>
To: Dave Lawrence <tale@dd.org>
Cc: dnsop <dnsop@ietf.org>, doh@ietf.org
Content-Type: multipart/alternative; boundary="089e082f4198c4dfd70568034d9e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/uslCE86VxvV8w_VL866-SGCUq8c>
Subject: Re: [Doh] [DNSOP] Fwd: New Version Notification for draft-ietf-dnsop-dns-wireformat-http-02.txt
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Mar 2018 17:04:47 -0000
On Thu, Mar 22, 2018 at 12:42 PM, Dave Lawrence <tale@dd.org> wrote: > Davey Song writes: > > To keep the transparency of DOH proxy, the proxy server should use > > the same transport as the proxy client receive queries from > > stub-resolver, transports patterns like UDP-DOH-UDP, and > > TCP-DOH-TCP. So the proxy client should signal the proxy server the > > initial transport recieve from stub-client. > > I'm really not digging this as a good use of a media type, especially > when the draft says: > > "If proxy client receives the query via TCP, then it > will carry a new media type defined in this document "application/ > dns-tcpwireformat" and speak DOH with proxy server with the same > DNS query without the two-byte length field defined in DNS over > TCP" > > So, dns-tcpwireformat and dns-udpwireformat are byte-for-byte > identical on the wire, and you're just using it as a signal for the > transport you want the DOH Proxy Server to use when talking to a > resolver (if indeed it is talking to separate resolver at all), is > that right? If a transparent DOH proxy client is talking to a > co-operating DOH proxy server, shouldn't they have a better signaling > mechanism than that? Is there any other media type that directs a > server on transport issues? > > The use case also doesn't really address why it is important to > preserve the stub's udp-vs-tcp choice to its presumptive resolver, but > rather only refers only vaguely to the transparency issue. It would > be nice to have a clearer statement of what's driving this proposal. > > Unfortunately, the resolver needs to make decisions based on the original transport, for example if the transport is TCP, it can send any size response. But if UDP, it needs to fit in a smaller size, and it often sends less info in the response. Likewise, session signalling, anti-spoofing decisions, etc depend on the transport. That brings up another question. Would it also need to know the MTU of the original connection, or any other info? (Assuming EDNS is not used) In that case, a different media type is not enough, and we need to change the format to add some 'header" info. -- Bob Harold
- [Doh] Fwd: New Version Notification for draft-iet… Davey Song
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Richard Gibson
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Dave Lawrence
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Davey Song
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Bob Harold
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Davey Song
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Dave Lawrence
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Paul Vixie
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Bob Harold
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Paul Vixie
- [Doh] Alternate proposal for transport indication… Paul Hoffman
- Re: [Doh] [DNSOP] Alternate proposal for transpor… Paul Vixie
- Re: [Doh] [Ext] Re: [DNSOP] Alternate proposal fo… Paul Hoffman
- Re: [Doh] [DNSOP] Alternate proposal for transpor… Davey Song
- Re: [Doh] [Ext] Re: [DNSOP] Alternate proposal fo… Davey Song
- Re: [Doh] [Ext] Re: [DNSOP] Alternate proposal fo… Paul Hoffman
- Re: [Doh] Alternate proposal for transport indica… Martin Thomson
- Re: [Doh] Alternate proposal for transport indica… Davey Song
- Re: [Doh] Alternate proposal for transport indica… Martin Thomson
- Re: [Doh] [Ext] Re: Alternate proposal for transp… Paul Hoffman
- Re: [Doh] [DNSOP] Alternate proposal for transpor… Dave Lawrence
- Re: [Doh] Alternate proposal for transport indica… Davey Song
- Re: [Doh] [Ext] Re: Alternate proposal for transp… Martin Thomson
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Dave Lawrence
- Re: [Doh] [Ext] Re: Alternate proposal for transp… Davey Song
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ray Bellis
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ray Bellis
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ray Bellis
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Tony Finch
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ben Schwartz
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Tony Finch
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Martin Thomson