Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

william manning wrote: > > Now any v. Concurrent queries. To ensure the resolver gets all the RRs, But it doesn't want all the RRs, just the relevant ones. Tony. -- f.anthony.n.finch http://dotat.at/ - I xn--zr8h punycode Northwest Fitzroy, Sole:

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Good thing refuse-any is just a draft then isn't it. Now any v. Concurrent queries. To ensure the resolver gets all the RRs, wouldn't you have to query for all defined RR types? Perhaps you want ALL instead of ANY? /Wm On Thursday, 25 August 2016, Tony Finch wrote: > Edward

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Matthew Pounsett wrote: > > Also take for example the transition from not having HTTP SRV to having > it. One of the arguments against from the browser developer community is > the additional round trips. One of those extra round trips is the need to > request both the

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Edward Lewis wrote: > The question I keep asking myself is: How is this different from a > client just hitting a server with all anticipated questions at one time? Me too :-) I can see an advantage to improving the case where the client can't predict all the questions

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

In message <99ce1d3e-18a0-42e6-949f-e78995afc...@icann.org>, Edward Lewis write s: > On 8/16/16, 08:57, "DNSOP on behalf of Tim Wicinski" on behalf of tjw.i...@gmail.com> wrote: > > I've only read briefly the drafts and see hints that issues I raise below > are still

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 8/19/16, 13:24, "william manning" wrote: >First off, I take exception to the use of the word "dangerous".  AXFR isn't >dangerous, it's just the best way to do the job.  If there are other query >types that are better (or only) can be done over TCP, then so be it. 

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 8/16/16, 08:57, "DNSOP on behalf of Tim Wicinski" wrote: I've only read briefly the drafts and see hints that issues I raise below are still lingering. There's no denying that there's a desire to solve "this". I keep in mind that

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

In message

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Very interesting, so BIND already pushes records for the obvious optimisation cases. Did you do any research on how many clients use these records (thus don't follow up with an extra query) ? Perhaps it would be helpful to look at the it from different perspectives. As an authoritative DNS

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Named returns associated * A/ records with MX lookups if available * A/ records with SRV lookups if available * SRV/A/ records with NAPTR lookups if available * A/ records with NAPTR lookups if available As of 9.11 named returns associated * A//TLSA records with MX lookups

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On Thu, Aug 18, 2016 at 12:52 PM, Paul Hoffman wrote: > On 18 Aug 2016, at 11:29, Marek Vavruša wrote: > >> Or SRV. > > > I disagree that a user, when asking for a SRV record, doesn't know that it > is likely that they would want the results for the information that comes >

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 18 Aug 2016, at 11:29, Marek Vavruša wrote: Or SRV. I disagree that a user, when asking for a SRV record, doesn't know that it is likely that they would want the results for the information that comes back in the RDATA. These are cases where authoritative/resolver adding interesting

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Or SRV. These are cases where authoritative/resolver adding interesting records as additionals works better. Authoritatives have been doing that with extra SOA/NS in authority for a while (for positive answers), but now resolvers can hardly use them if these records are not secure. Regardless of

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

>Are there QTYPEs that, when I ask for them, I won't know that I should >also ask for the related info? NAPTR ___ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 18 Aug 2016, at 8:04, Matthew Pounsett wrote: On 18 August 2016 at 10:40, Paul Hoffman wrote: Are there QTYPEs that, when I ask for them, I won't know that I should also ask for the related info? Probably not. However, there may be owner names you don't know you

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 18 August 2016 at 10:40, Paul Hoffman wrote: > On 18 Aug 2016, at 7:19, Matthew Pounsett wrote: > > On 18 August 2016 at 01:33, william manning >> wrote: >> >> please help me get over the feeling that this argument is founded on the >>> same

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 18 Aug 2016, at 7:19, Matthew Pounsett wrote: On 18 August 2016 at 01:33, william manning wrote: please help me get over the feeling that this argument is founded on the same logic as that used by folks who "know" I might want, no NEED that extra bit of email

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 18 August 2016 at 01:33, william manning wrote: > please help me get over the feeling that this argument is founded on the > same logic as that used by folks who "know" I might want, no NEED that > extra bit of email in my inbox. As I read it, it sounds like DNS

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

please help me get over the feeling that this argument is founded on the same logic as that used by folks who "know" I might want, no NEED that extra bit of email in my inbox. As I read it, it sounds like DNS Server Spam being "PUSHED" to the Resolver who may or may not want the data. Please

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Status Quo is good for ipv4 to ipv6 migration. Totally agree with william on PUSH/PULL. 1. Hotest internet service's RDATA always exists in recursive dns cache, PUSH is not speed up much except hit-miss. ( recursive -> authority ) 2. clients known what they want, PULL & prefething is Ockham's

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 16 August 2016 at 08:57, Tim Wicinski wrote: > All, > > > In Berlin we had two presentations on different methods of returning > multiple responses: > > https://datatracker.ietf.org/doc/draft-wkumari-dnsop-multiple-responses/ > >

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On Tue, Aug 16, 2016 at 8:57 AM, Tim Wicinski wrote: > All, > > > In Berlin we had two presentations on different methods of returning > multiple responses: > > https://datatracker.ietf.org/doc/draft-wkumari-dnsop-multiple-responses/ > >

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

Hello, > From: Tim Wicinski > In Berlin we had two presentations on different methods of returning > multiple responses: > All of these documents are attempting to solve a larger problem in > different ways. > The end result is "Return Associated Answer" to the client. > >

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

from an attacker POV, I would strongly support PUSH, as it would increase DDoS effectiveness. The performance enhancement seems to be based on some presumptions about servers retaining residual knowledge of the resolver behaviours. PULL minimizes the attack surface. wrt cache coherence and delay,

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

my bad. I've been re-framed. Contextually, PUSH means (to me at least) 'do this promiscuously' and PULL means (to me at least) 'do this if asked' -which is not what I previously understood. In that case, I think PULL makes more sense: do this, if the client signals its what it wants. Otherwise,

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On 16 Aug 2016, at 5:57, Tim Wicinski wrote: - Do we want to Server to PUSH any or all Associated Answers, or - Do we want the Client to PULL any or all Associated Answers, or - Do we want the Status Quo? Client pull, which is really just the client saying "if you have this, send it to me

Re: [DNSOP] The Larger Discussion on Differences in Response Drafts

On Tue, Aug 16, 2016 at 10:57 PM, Tim Wicinski wrote: > All of these documents are attempting to solve a larger problem in different > ways. The end result is "Return Associated Answer" to the client. > > The question is starting to coalesce around these two premises: > > -