Re: Last Call: <draft-ietf-dnsop-refuse-any-07.txt> (Providing Minimal-Sized Responses to DNS Queries that have QTYPE=ANY) to Proposed Standard
Ólafur Guðmundsson <olafur@cloudflare.com> Tue, 21 August 2018 16:56 UTC
To: Ted Hardie <ted.ietf@gmail.com>
Cc: IETF <ietf@ietf.org>, draft-ietf-dnsop-refuse-any@ietf.org, dnsop <dnsop@ietf.org>, dnsop-chairs <dnsop-chairs@ietf.org>
Ted,

Would it be acceptable to just do
s/TCP/Connection oriented Transport/

Olafur

On Tue, Aug 21, 2018 at 12:48 PM, Ted Hardie <ted.ietf@gmail.com> wrote:

> Howdy,
>
> I note that section 4.4 calls out TCP transport and says this:
>
> 4.4. Behaviour with TCP Transport
>
>    A DNS responder MAY behave differently when processing ANY queries
>    received over different transport, e.g. by providing a conventional
>    ANY response over TCP whilst using one of the other mechanisms
>    specified in this document in the case where a query was received
>    using UDP.
>
>    Implementers SHOULD provide configuration options to allow operators
>    to specify different behaviour over UDP and TCP.
>
> Given that we now have multiple available transports for the DNS (TLS,
> DTLS, HTTPS), it may be worth generalizing the heading and updating the
> text to handle those cases. I suspect that involves a bit more work than
> just adding the transport names to the paragraph, unfortunately. All of
> the newer transports provide return routability, which means, as for TCP,
> that ANY doesn't create DNS amplification for them. But they also have
> other characteristics (e.g. channel confidentiality and/or additional
> caching layers) that may make for other decision points. Some text on that
> would be useful, at least in my opinion.
>
> regards,
>
> Ted Hardie
>
> On Tue, Aug 21, 2018 at 8:59 AM, The IESG <iesg-secretary@ietf.org> wrote:
>
>> The IESG has received a request from the Domain Name System Operations WG
>> (dnsop) to consider the following document: - 'Providing Minimal-Sized
>> Responses to DNS Queries that have QTYPE=ANY'
>> <draft-ietf-dnsop-refuse-any-07.txt> as Proposed Standard
>>
>> The IESG plans to make a decision in the next few weeks, and solicits final
>> comments on this action. Please send substantive comments to the
>> ietf@ietf.org mailing lists by 2018-09-04. Exceptionally, comments may be
>> sent to iesg@ietf.org instead. In either case, please retain the beginning of
>> the Subject line to allow automated sorting.
>>
>> Abstract
>>
>>    The Domain Name System (DNS) specifies a query type (QTYPE) "ANY".
>>    The operator of an authoritative DNS server might choose not to
>>    respond to such queries for reasons of local policy, motivated by
>>    security, performance or other reasons.
>>
>>    The DNS specification does not include specific guidance for the
>>    behaviour of DNS servers or clients in this situation. This document
>>    aims to provide such guidance.
>>
>>    This document updates RFC 1034 and RFC 1035.
>>
>> The file can be obtained via
>> https://datatracker.ietf.org/doc/draft-ietf-dnsop-refuse-any/
>>
>> IESG discussion can be tracked via
>> https://datatracker.ietf.org/doc/draft-ietf-dnsop-refuse-any/ballot/
>>
>> No IPR declarations have been submitted directly on this I-D.

--
Ólafur Gudmundsson | Engineering Director
www.cloudflare.com
blog.cloudflare.com