IETF Logo Mail Archive

Re: [dnsext] draft-mohan-dns-query-xml-00.txt

Paul Vixie <vixie@isc.org> Mon, 03 October 2011 18:38 UTC

Return-Path: <dnsext-bounces@ietf.org>
X-Original-To: namedroppers-archive-gleetwall6@lists.ietf.org
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 885C821F8D4D; Mon, 3 Oct 2011 11:38:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1317667121; bh=ds0+h6wwH0hTyD8unmJKTn+FtIDV4qFwuDWUVymR4gg=; h=From:To:Date:References:In-Reply-To:MIME-Version:Message-Id: Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:List-Help: List-Subscribe:Content-Type:Content-Transfer-Encoding:Sender; b=METyv5ef6tJqxJ1wx7RzsBnCgamsjlaLM0E3krhw0RDAtuRzMAM0VTrDURikT5JzU 8TWoKP6OEnuqe90St+x4B+onzZQKv6+GasVQE6IQcRg0yEpZj+Zq+m3pf/A+vigTHD 3UIXeRqzcEH1Cidf/ms30B7OJH2RCGMuO/4uNfBQ=
X-Original-To: dnsext@ietfa.amsl.com
Delivered-To: dnsext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B05F021F8D4D for <dnsext@ietfa.amsl.com>; Mon, 3 Oct 2011 11:38:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ByJjrauAE4rs for <dnsext@ietfa.amsl.com>; Mon, 3 Oct 2011 11:38:39 -0700 (PDT)
Received: from nsa.vix.com (nsa.vix.com [IPv6:2001:4f8:3:30::3]) by ietfa.amsl.com (Postfix) with ESMTP id 3EC9121F8D2B for <dnsext@ietf.org>; Mon, 3 Oct 2011 11:38:39 -0700 (PDT)
Received: from nsa.vix.com (localhost [127.0.0.1]) by nsa.vix.com (Postfix) with ESMTP id 168B6A1058 for <dnsext@ietf.org>; Mon, 3 Oct 2011 18:41:42 +0000 (UTC) (envelope-from vixie@isc.org)
Received: from six.localnet (six.vix.com [IPv6:2001:4f8:3:30::2]) by nsa.vix.com (Postfix) with ESMTP id E4076A1021 for <dnsext@ietf.org>; Mon, 3 Oct 2011 18:41:41 +0000 (UTC) (envelope-from vixie@isc.org)
From: Paul Vixie <vixie@isc.org>
Organization: ISC
To: dnsext@ietf.org
Date: Mon, 3 Oct 2011 18:41:41 +0000
User-Agent: KMail/1.13.5 (FreeBSD/8.1-RELEASE; KDE/4.4.5; amd64; ; )
References: <CACU5sDnBx5AijEgFXKNPjtcVdtBnBJamsn-f_ye0Jm3TQq0mvw@mail.gmail.com> <201110031816.32959.vixie@isc.org> <EA70785432657FDF8A31D31C@nimrod.local>
In-Reply-To: <EA70785432657FDF8A31D31C@nimrod.local>
MIME-Version: 1.0
Message-Id: <201110031841.41629.vixie@isc.org>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: Re: [dnsext] draft-mohan-dns-query-xml-00.txt
X-BeenThere: dnsext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: DNS Extensions working group discussion list <dnsext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsext>, <mailto:dnsext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnsext>
List-Post: <mailto:dnsext@ietf.org>
List-Help: <mailto:dnsext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsext>, <mailto:dnsext-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dnsext-bounces@ietf.org
Errors-To: dnsext-bounces@ietf.org

On Monday, October 03, 2011 18:31:52 Alex Bligh wrote:
> I presume we could base64 encode POST data if we couldn't send it
> binary, whereas IIRC we couldn't do much more than hex encode GET URLs.

the ability to base64-encode POST data is part of the HTTP spec, so yes.  the 
response could also come back encoded that way.  this is supposed to be "just 
web traffic."

> So +1 for POST here, with body content as close to UDP message format
> as possible, save that we should surely be able to junk a pile of UDP
> restrictions (e.g. we can surely mandate EDNS, assume 'packet' size
> can 2^32 bytes, etc.). I presume we also don't need UDP headers etc.

i don't think we should overly constrain the message (like mandating EDNS) 
since this adds test cases to compliance suites and precludes future DNS 
protocol extensions that could be better than EDNS.

we would only include the DNS message, which UDP thinks of as a "payload";
not the transport or network headers.  also note, this isn't necessarily a 
tunneling protocol -- if it's used by a stub then there is no underlying UDP 
packet to pull anything from.  and where it is used as a tunneling protocol, 
the underlying DNS message could have arrived via TCP/53 or even HTTP.

paul
_______________________________________________
dnsext mailing list
dnsext@ietf.org
https://www.ietf.org/mailman/listinfo/dnsext

v2.8.7 | Report a Bug | By Email