Hello Ashu,
Thanks for the review - responses as follows: (sorry for the crappy style, this
is from mobile)
- First point: the keywords here are 'if a Responder detects'... Which means
that if it's unaware of the option or elects to not check it, it doesn't need
to respond with a FORMERR. But if it does check the option, it MUST respond
with an formerr.
- Proxies: as far as I understand, EDNS is always hop to hop. So both legs of a
proxy could process the option independently. A recursor might want to do
padding downstream to stub resolvers, but might not pad upstream to Auth
servers.
- One option: I believe this is correct, but I'm happy to be learn more? EDNS
options can be used several times in a single opt RR record, so thistext
restricts the padding option use to a single occurrence.
- padding MUST NOT be done if that wounded to truncation. I believe this is
stated indirectly in the draft already. Do you feel this should be expressed
differently?
Thanks again for the review!
Alex
---- Kumar Ashutosh schrieb ----
><!-- /* Font Definitions */ @font-face {font-family:Wingdings;
>panose-1:5 0 0 0 0 0 0 0 0 0;} @font-face {font-family:"Cambria Math";
> panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri;
>panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal,
>li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt;
>font-size:12.0pt; font-family:"Times New Roman",serif;} a:link,
>span.MsoHyperlink {mso-style-priority:99; color:blue;
>text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed
>{mso-style-priority:99; color:purple; text-decoration:underline;} p
> {mso-style-priority:99; mso-margin-top-alt:auto;
>margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in;
> font-size:12.0pt; font-family:"Times New Roman",serif;}
>p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
>{mso-style-priority:34; margin-top:0in; margin-right:0in;
> margin-bottom:0in; margin-left:.5in; margin-bottom:.0001pt;
>font-size:12.0pt; font-family:"Times New Roman",serif;} p.msonormal0,
>li.msonormal0, div.msonormal0 {mso-style-name:msonormal;
>mso-margin-top-alt:auto; margin-right:0in;
>mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt;
> font-family:"Times New Roman",serif;} span.EmailStyle19
>{mso-style-type:personal-reply; font-family:"Calibri",sans-serif;
> color:#1F497D;} .MsoChpDefault {mso-style-type:export-only;} @page
>WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;}
>div.WordSection1 {page:WordSection1;} /* List Definitions */ @list l0
>{mso-list-id:2103380202; mso-list-type:hybrid;
>mso-list-template-ids:569944682 1392397606 67698691 67698693 67698689 67698691
>67698693 67698689 67698691 67698693;} @list l0:level1
>{mso-level-start-at:0; mso-level-number-format:bullet;
>mso-level-text:; mso-level-tab-stop:none;
>mso-level-number-position:left; margin-left:.75in;
>text-indent:-.25in; font-family:Wingdings;
>mso-fareast-font-family:Calibri; mso-bidi-font-family:"Times New
>Roman";} @list l0:level2 {mso-level-number-format:bullet;
>mso-level-text:o; mso-level-tab-stop:none;
>mso-level-number-position:left; margin-left:1.25in;
>text-indent:-.25in; font-family:"Courier New";} @list l0:level3
>{mso-level-number-format:bullet; mso-level-text:;
>mso-level-tab-stop:none; mso-level-number-position:left;
>margin-left:1.75in; text-indent:-.25in; font-family:Wingdings;} @list
>l0:level4 {mso-level-number-format:bullet; mso-level-text:;
> mso-level-tab-stop:none; mso-level-number-position:left;
>margin-left:2.25in; text-indent:-.25in; font-family:Symbol;} @list
>l0:level5 {mso-level-number-format:bullet; mso-level-text:o;
>mso-level-tab-stop:none; mso-level-number-position:left;
>margin-left:2.75in; text-indent:-.25in; font-family:"Courier New";}
>@list l0:level6 {mso-level-number-format:bullet; mso-level-text:;
> mso-level-tab-stop:none; mso-level-number-position:left;
>margin-left:3.25in; text-indent:-.25in; font-family:Wingdings;} @list
>l0:level7 {mso-level-number-format:bullet; mso-level-text:;
> mso-level-tab-stop:none; mso-level-number-position:left;
>margin-left:3.75in; text-indent:-.25in; font-family:Symbol;} @list
>l0:level8 {mso-level-number-format:bullet; mso-level-text:o;
>mso-level-tab-stop:none; mso-level-number-position:left;
>margin-left:4.25in; text-indent:-.25in; font-family:"Courier New";}
>@list l0:level9 {mso-level-number-format:bullet; mso-level-text:;
> mso-level-tab-stop:none; mso-level-number-position:left;
>margin-left:4.75in; text-indent:-.25in; font-family:Wingdings;} ol
> {margin-bottom:0in;} ul {margin-bottom:0in;} -->
>
>Hi
>
>I reviewed the draft and here are a few comments:
>
>“The PADDING octects MUST be set to 0x00. If a Responder detects non-
>
> 0x00 octects in the padding of a query, a FORMERR (RCODE=1) MUST be
>
> returned.”
>
>è Is MUST necessary here? There might be existing responders that may be
>agnostic to this and not parse this option code. They may not return Formerr.
>For quick adoption changing this to SHOULD or providing option to ignore this
>will be useful.
>
>è What is the guidance for the proxy systems used in front of DNS servers
>(load balancer or traffic managers)? Should they be validating this option for
>correctness or be plain tunnels?
>
>è What if the packet does not have space to pad? Do we have a Padding option
>with length 0? Or we truncate messages?
>
>
>
>The 'Padding'
>
> option MUST occur at most once per OPT meta-RR.
>
>è Is not there only one OPT RR per packet? There can be multiple option IDs
>but RR is only one. Just checking if the statement above is semantically
>correct.
>
>
>
>Also, +1 for approval
>
>Thanks
>
>Ashu
>
>Microsoft
>
>
>
>From: dns-privacy [mailto:[email protected]] On Behalf Of Alex
>Mayrhofer
>Sent: Thursday, November 5, 2015 9:21 AM
>To: [email protected]; Tim WIcinski <[email protected]>
>Subject: Re: [dns-privacy] Call for Adoption: draft-mayrhofer-edns0-padding
>
>
>
>I've submitted a -00 WG version of the draft, which is now pending WG Chairs
>approval.
>
>Hope I got everything right, since the draft was edited from a phone onboard a
>ferry with crappy wifi and while coloring a pirates book with a 3yo ;-)
>
>Alex
>
>
>
>---- Tim Wicinski schrieb ----
>
>
>During the meeting on Monday, it was obvious the Working Group wanted to
>make this an official EDNS option. We reached out to the author and
>while he is traveling for an extended period of time, he is happy to
>work on edits (with a small delay built in, but nothing this impatient
>chair finds too onerous).
>
>This starts a Call for Adoption fordraft-mayrhofer-edns0-padding
>
>The draft is available here:
>https://datatracker.ietf.org/doc/draft-mayrhofer-edns0-padding/
>
>Please review this draft to see if you think it is suitable for adoption
>by DPRIVE, and comments to the list, clearly stating your view.
>
>Please also indicate if you are willing to contribute text, review, etc.
>
>This call for adoption ends 17 November, 2015 12:00 UTC
>
>Thanks,
>tim wicinski
>
>_______________________________________________
>dns-privacy mailing list
>[email protected]
>https://www.ietf.org/mailman/listinfo/dns-privacy
>
_______________________________________________
dns-privacy mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dns-privacy
