Re: [Doh] [Ext] a tad confused on response sizes

Star Brilliant <m13253@hotmail.com> Wed, 06 June 2018 04:37 UTC

From: Star Brilliant <m13253@hotmail.com>
To: "doh@ietf.org" <doh@ietf.org>
Date: Wed, 06 Jun 2018 04:37:21 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/zFdwuzo_V-3ixdgcF8QHHeSGu2U>
List-Id: DNS Over HTTPS <doh.ietf.org>

On Wed, Jun 6, 2018 at 6:26 AM Tony Finch <dot@dotat.at> wrote:
> In my experience this results in a SERVFAIL.

What is your "experience"? In my experience, Google does produce TC (see attachment picture).
In other words, even if the RFC is changed to "the DoH server never produces TC bit", your client should still be ready for a TC bit, simply because such implementations already exist.


>  RFC 2181 has a specific instruction not to do what you suggest:

RFC 2181 defines what a DNS server and a DNS client should do, *not a DoH server or client*.
A DoH server or client is not a DNS client or server, because it does not necessarily need to fully understand everything inside a DNS packet (although it can, for cache or whatever reason).

A DoH server *never* touches the TC bit; it's the buggy upstream DNS server that sets the TC bit on a TCP connection. (It's their fault, not DoH's.)
A DoH client *never* reads the TC bit; it just passes the response verbatim to the downstream DNS client. It's the downstream's responsibility to either drop or consume the response.

In your case, you don't have a downstream DNS client; then just imagine two modules in your code.
Anyway, whatever DoH does is not violating RFC 2181, as long as DoH does not touch the TC bit.


"Garbage in, garbage out."
If your network software can't consume garbage produced by others, you are out. (Hi Netscape!)
Your software loses users and loses the competition. That's simple.


P.S. I'm not going to talk about this issue any more, since I don't think the current specification is inappropriate. Also, practice shows it is working.
And just as a joke, I'm just too lazy to change the behavior of my software that some hundred people are already relying on. :-)
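
The two-module split described in the message, sketched as an added example (not part of the original e-mail or of any DoH implementation): a transport function forwards the DNS message unchanged, and a downstream consumer is the only place the TC bit is read and acted on. The function names, the `accept_truncated` policy flag and the sample messages are constructed for illustration.

```python
import struct

QR_MASK = 0x8000     # response flag
TC_MASK = 0x0200     # truncation flag in the 16-bit header flags word (RFC 1035, 4.1.1)
RCODE_MASK = 0x000F  # response code, e.g. 2 = SERVFAIL


def build_response(txid, tc=False, rcode=0, qname="example.com"):
    """Constructed sample: a minimal DNS response (header + one question)."""
    flags = 0x8180 | (TC_MASK if tc else 0) | (rcode & RCODE_MASK)  # QR, RD, RA set
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def doh_transport(upstream_body: bytes) -> bytes:
    """Module 1, the DoH layer: hands the message body on without parsing it."""
    return upstream_body


def stub_consume(message: bytes, accept_truncated: bool = False) -> dict:
    """Module 2, the downstream DNS client: reads TC and decides drop or consume."""
    if len(message) < 12:
        raise ValueError("short DNS message: the header alone is 12 bytes")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    if not flags & QR_MASK:
        raise ValueError("QR bit clear: this is a query, not a response")
    truncated = bool(flags & TC_MASK)
    # Local policy, not DoH behaviour: a truncated answer is dropped unless
    # the caller has said it can work with partial data.
    action = "drop" if truncated and not accept_truncated else "consume"
    return {
        "id": txid,
        "truncated": truncated,
        "rcode": flags & RCODE_MASK,
        "answers": ancount,
        "action": action,
    }


if __name__ == "__main__":
    for sample in (build_response(1), build_response(2, tc=True), build_response(3, rcode=2)):
        print(stub_consume(doh_transport(sample)))
```
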