Re: deprecating dangerous bit patterns and non-TC non-AXFR

Mohsen Souissi <mohsen.souissi@nic.fr> Thu, 21 August 2008 17:22 UTC

Date: Thu, 21 Aug 2008 19:16:19 +0200
From: Mohsen Souissi <mohsen.souissi@nic.fr>
To: Paul Vixie <vixie@vix.com>
Cc: namedroppers@ops.ietf.org
Subject: Re: deprecating dangerous bit patterns and non-TC non-AXFR

 On 20 Aug, Paul Vixie wrote:

 | i worry about
 | <http://tools.ietf.org/html/draft-heffner-frag-harmful-02> and
 | <http://tools.ietf.org/html/rfc4963>.  i mention the
 | earlier-than-final draft because its title was "Fragmentation
 | Considered Very Harmful" which was a play on WRL-87-3
 | "Fragmentation Considered Harmful" (Kent and Mogul, DECWRL 1987).
 | BIND has had to implement all kinds of fallbacks in its EDNS0
 | support due to firewalls that don't allow fragments or which do the
 | wrong thing with them.  i am therefore not as convinced today as i
 | was in RFC 2671 that fragmentation is a reasonable way to expand
 | the DNS message size beyond 512 octets.

==> Hmm, I can see. Otoh, nobody could imagine at that time (and even
10 years ago) how the network-layer would become complex and its
components (often) misbehaving (magic combination of NATs, Firewalls, Load
Balancers...). So don't blame yourself ;-)


[...]

 | there is work going on in this WG to make EDNS0 mandatory.  that will have
 | an impact far broader than what we say to each other in the forum itself.
 | as you yourself point out:
 | 
 | > 2) It is directly related to the discussion which took place on dnsext ml
 | > while editing dns-protocol-profile:
 | > http://www.ops.ietf.org/lists/namedroppers/namedroppers.2008/msg00037.html
 | > (see section 4.2.2).
 | > 
 | > The I-D expired on Jul 22nd, a copy is available here:
 | > http://ietfreport.isoc.org/idref/draft-ietf-dnsext-dns-protocol-profile/
 | > 
 | > This I-D should be recycled in the near future as I understood from last
 | > dnsext session @ IETF. And then, the result of the current debate may be
 | > helpful for people in charge of editing next version
 | > dns-protocol-profile...
 | > 
 | > Mohsen.
 | 
 | it's possible that you (mohsen) should volunteer to the WG chairs to help
 | edit that document, since i believe its current authors are overcommitted.

==> During IETF@Dublin, Ólafur discussed that matter with the editors
(and maybe others). Stéphane Bortzmeyer (a colleague of mine) was
among them and committed with some others to taking again that task
before next IETF. Hope it will efficiently move forward by then.

Mohsen.

