Return-Path: <owner-namedroppers@ops.ietf.org>
X-Original-To: ietfarch-namedroppers-archive-gleetwall6@core3.amsl.com
Delivered-To: ietfarch-namedroppers-archive-gleetwall6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
 by core3.amsl.com (Postfix) with ESMTP id A567F3A6808;
 Mon, 21 Jul 2008 14:36:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.199
X-Spam-Level: 
X-Spam-Status: No, score=-3.199 tagged_above=-999 required=5 tests=[AWL=0.100, 
 BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_UK=1.749, 
 RCVD_IN_DNSWL_MED=-4, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32])
 by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id EMP0z57EgpzB; Mon, 21 Jul 2008 14:36:38 -0700 (PDT)
Received: from psg.com (psg.com [IPv6:2001:418:1::62])
 by core3.amsl.com (Postfix) with ESMTP id 82D113A67F2;
 Mon, 21 Jul 2008 14:36:38 -0700 (PDT)
Received: from majordom by psg.com with local (Exim 4.69 (FreeBSD))
 (envelope-from <owner-namedroppers@ops.ietf.org>) id 1KL30E-000Ob1-0S
 for namedroppers-data@psg.com; Mon, 21 Jul 2008 21:33:06 +0000
Received: from [213.248.199.23] (helo=mx3.nominet.org.uk)
 by psg.com with esmtp (Exim 4.69 (FreeBSD))
 (envelope-from <roy@nominet.org.uk>) id 1KL309-000OaU-VK
 for namedroppers@ops.ietf.org; Mon, 21 Jul 2008 21:33:04 +0000
DomainKey-Signature: s=main.dk.nominet.selector; d=nominet.org.uk; c=nofws;
 q=dns; 
 h=X-IronPort-AV:Received:In-Reply-To:References:To:Cc:
 Subject:MIME-Version:X-Mailer:Message-ID:From:Date:
 X-MIMETrack:Content-Type;
 b=UF6ABhoZdXVPUTOBz3MEmQvsUGeTFwPCS/z16u2ZXMocTLIxOmObmAwi
 Yg1kzFnKeQEn3d3uQIq1NRT2x/IoBeYLd5MCCf+03VoKWYIA0gyvlyYH7
 bpD9E/2sbvdm2yv;
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
 d=nominet.org.uk; i=roy@nominet.org.uk; q=dns/txt;
 s=main.dkim.nominet.selector; t=1216675982; x=1248211982;
 h=from:sender:reply-to:subject:date:message-id:to:cc:
 mime-version:content-transfer-encoding:content-id:
 content-description:resent-date:resent-from:resent-sender:
 resent-to:resent-cc:resent-message-id:in-reply-to:
 references:list-id:list-help:list-unsubscribe:
 list-subscribe:list-post:list-owner:list-archive;
 z=From:=20"Roy=20Arends"=20<roy@nominet.org.uk>|Subject:
 =20Re:=20increasing=20DNS=20message=20entropy,=20a=20solu
 tion=20for=20NATs|Date:=20Mon,=2021=20Jul=202008=2023:32:
 44=20+0200|Message-ID:=20<OF9C39C0E6.427EAAD8-ON8025748D.
 007648EF-C125748D.00765B21@nominet.org.uk>|To:=20Joe=20Ab
 ley=20<jabley@ca.afilias.info>|Cc:=20Alessandro.Linari@no
 minet.org.uk,=0D=0A=09Alex=20Bligh=20<alex@alex.org.uk>,
 =0D=0A=09namedroppers@ops.ietf.org|MIME-Version:=201.0
 |In-Reply-To:=20<B66AEB39-C12F-4CF5-A3E8-46651B982F1E@ca.
 afilias.info>|References:=20<OF6B63EC19.5E0A6D58-ON802574
 8D.003A54A9-C125748D.003E1133@nominet.org.uk>=20=20<E4C60
 1CA-7E9F-404F-B5FB-8F9B3AA53044@ca.afilias.info>=20<OF6B9
 0888C.498EE25C-ON8025748D.0070B825-C125748D.0071405C@nomi
 net.org.uk>=20<E6AACBEFB62DA241DD07841C@Ximines.local>=20
 <OF3E005C60.17A176BF-ON8025748D.0073F0B5-C125748D.007443D
 A@nominet.org.uk>=20<B66AEB39-C12F-4CF5-A3E8-46651B982F1E
 @ca.afilias.info>;
 bh=xrmT3ti46M52WkNwCTmSfIyyDQ199N38WXm/B+VWs3Q=;
 b=obLTKyNCqd8mMHQ//kwc8+NicXm9UBfix0WF9+BeXohm7BA5H5kmyJFg
 0JoDD+HYGBF0EOSBDxti7bmqDhyG72zqpPyi6BCxXoG+VxgtBIVsPhvam
 5Vv4b5qKr7gjHm2;
X-IronPort-AV: E=Sophos;i="4.31,225,1215385200"; 
   d="scan'208";a="5315977"
Received: from notes1.nominet.org.uk ([213.248.197.128])
 by mx3.nominet.org.uk with ESMTP; 21 Jul 2008 22:32:47 +0100
In-Reply-To: <B66AEB39-C12F-4CF5-A3E8-46651B982F1E@ca.afilias.info>
References: <OF6B63EC19.5E0A6D58-ON8025748D.003A54A9-C125748D.003E1133@nominet.org.uk>
 <E4C601CA-7E9F-404F-B5FB-8F9B3AA53044@ca.afilias.info>
 <OF6B90888C.498EE25C-ON8025748D.0070B825-C125748D.0071405C@nominet.org.uk>
 <E6AACBEFB62DA241DD07841C@Ximines.local>
 <OF3E005C60.17A176BF-ON8025748D.0073F0B5-C125748D.007443DA@nominet.org.uk>
 <B66AEB39-C12F-4CF5-A3E8-46651B982F1E@ca.afilias.info>
To: Joe Abley <jabley@ca.afilias.info>
Cc: Alessandro.Linari@nominet.org.uk, Alex Bligh <alex@alex.org.uk>,
 namedroppers@ops.ietf.org
Subject: Re: increasing DNS message entropy, a solution for NATs
MIME-Version: 1.0
X-Mailer: Lotus Notes Build VMac_Beta85_20080115_MM2 January 15, 2008
Message-ID: <OF9C39C0E6.427EAAD8-ON8025748D.007648EF-C125748D.00765B21@nominet.org.uk>
From: "Roy Arends" <roy@nominet.org.uk>
Date: Mon, 21 Jul 2008 23:32:44 +0200
X-MIMETrack: Serialize by Router on notes1/Nominet(Release 7.0.1FP1 | May 25,
 2006) at 21/07/2008 10:32:47 PM,
 Serialize complete at 21/07/2008 10:32:47 PM
Content-Type: text/plain; charset="US-ASCII"
Sender: owner-namedroppers@ops.ietf.org
Precedence: bulk
List-ID: <namedroppers.ops.ietf.org>

Joe Abley <jabley@ca.afilias.info> wrote on 07/21/2008 11:16:07 PM:

> On 21 Jul 2008, at 17:09, Roy Arends wrote:
> 
> > At a single point in time,
> 
> There is no single point of time to do two things, in practice (at 
> least, in general).

Joe, you're splitting hairs here.

> > issue two queries with the same question
> > section. For more entropy, randomize everything else: source address,
> > destination address, query ID, source port.
> 
> So, considering there are well-documented examples of TLD, root, and 
> other DNS infrastructure which will, by design, respond with different 
> answers to these two queries, what conclusions should such a resolver 
> draw from the observed incoherence?

if different, use either, cache neither.

Roy


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>