> On 3 Jan 2018, at 1:33 pm, Geoff Huston <g...@apnic.net> wrote:
>
>> This answer doesn't seem to fully address Robert's and Ray's questions. Why
>> use an A/AAAA query if you aren't going to do anything with the result? If
>> you are going to use A/AAAA, you have to tell resolvers what to return in
>> the results. Using a new RRtype would have clearer semantics.
>
>
> The motivation behind this draft is to be able to perform a large scale
> measurement of the readiness of users for a pending roll of the KSK, or the
> measurement of the extent to which users are using a DNS environment that is
> NOT ready for a KSK roll.
>
> Large scale user measurement is not easy - small scale measurements tend to
> have a problem in measurement bias, so if we are looking for some random
> selection mechanism that can measure in the order of millions of sample
> points each day then either one would need to place the test on a very
> popular web site used across the entire Internet, or use online ads.
>
> In both cases the measurement uses a browser to perform the test, scripting
> the test using HTML5. The simplest form of such a test is to GET a URL - if
> the client contacts the http(s) server then as long as the DNS name is
> suitably unique, we have a decent signal that the client’s DNS was able to
> resolve the DNS name. But in a browser you cannot perform an arbitrary DNS
> query - the DNS query made by the browser is the side-effect of a GET and
> therefore the query is for an A or AAAA record.
>
> To keep things simple we look for the outcome of the DNS by implication: if
> the client contacts the HTTP(s) server then we can infer that the client’s
> DNS resolved correctly.
>
I have been asked off-list the question: “Which HTTP(s) server are you referring to here?” At the risk of heading waaaay down potentially spurious ratholes here let me quickly explain what I meant.

Within the structure of a browser-based scripted test, such as you might find in an online ad script, the common operation within the script is to perform a GET of a URL. A common approach in measurements of this form is to direct all the GET operations to a server that is part of the experiment rig. That way you don't need the client running the measurement script to report its own results - the results can be constructed from analysis of the logs of the HTTP(s) servers. An examination of the HTTP log files can reveal which URL name was used to retrieve a named URL web object, and if the experiment is careful to present a uniquely-named DNS name within each URL, then the URL names collected by the experiment’s servers can infer which clients were able to successfully resolve the corresponding DNS names.

_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
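The log analysis described in the message above, sketched as an added example that is not part of the original post or of any experiment's actual code. The zone `measure.example`, the `<test>-<client_id>` host naming, the `control`/`probe` labels and the log layout are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumed layout (not from the original message): each URL's host is
# <test>-<client_id>.measure.example, with <client_id> unique per script run.
ZONE = "measure.example"
HOST_RE = re.compile(r"^(?P<test>[a-z]+)-(?P<cid>[0-9a-f]{8})\." + re.escape(ZONE) + r"$")
# Assumed log line: client IP, timestamp, request line, status, Host header.
LINE_RE = re.compile(r'^\S+ \[[^\]]+\] "GET \S+ [^"]*" \d{3} "(?P<host>[^"]*)"$')

# Constructed sample log lines (documentation addresses, made-up client IDs).
SAMPLE_LOG = """\
192.0.2.10 [03/Jan/2018:02:40:01 +0000] "GET /1x1.png HTTP/1.1" 200 "control-0a1b2c3d.measure.example"
192.0.2.10 [03/Jan/2018:02:40:01 +0000] "GET /1x1.png HTTP/1.1" 200 "probe-0a1b2c3d.measure.example:443"
198.51.100.7 [03/Jan/2018:02:40:05 +0000] "GET /1x1.png HTTP/1.1" 200 "control-11223344.measure.example"
203.0.113.9 [03/Jan/2018:02:40:09 +0000] "GET /1x1.png HTTP/1.1" 200 "probe-deadbeef.measure.example"
203.0.113.50 [03/Jan/2018:02:40:11 +0000] "GET / HTTP/1.1" 200 "www.measure.example"
garbage line
"""

def resolved_names(log_text):
    """Map client_id -> set of test labels whose DNS names reached the server."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected log format
        host = m.group("host").lower().split(":")[0].rstrip(".")
        h = HOST_RE.match(host)
        if h:  # ignore hits on names that are not part of the experiment
            seen[h.group("cid")].add(h.group("test"))
    return dict(seen)

def classify(seen, control="control", probe="probe"):
    """A fetch implies the name resolved; a missing probe fetch is only
    informative when the same client's control fetch was logged."""
    out = {}
    for cid, tests in seen.items():
        if control not in tests:
            out[cid] = "no-control"
        elif probe in tests:
            out[cid] = "probe-resolved"
        else:
            out[cid] = "probe-not-seen"
    return out

if __name__ == "__main__":
    for cid, verdict in sorted(classify(resolved_names(SAMPLE_LOG)).items()):
        print(cid, verdict)
```

The control name is an addition for this sketch: it separates a client whose DNS did not resolve the probe name from one that never ran the script at all.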