I am less sure the UDP/TCP thing reduces to "no".

I see no reason any more to assume session cost is too high for a
globally deployed DNS.

I suspect what DNSOPS and a hypothetical directorate think about DNS
is less impactful (sorry, hate that word) than what embeds in Android
devices.

De facto, the world runs on session-mediated services. BGP has a
session. QUIC is a session with IP address agility. DNS over HTTthing
is a session.

So there is no necessary end to simple UDP DNS, but I suspect over
time, most "edge" DNS queries, by volume and device, will move to
another protocol layer.

In email, we used to behave like SMTP was all there was (the ironies,
given how many sendmail configs drove DECnet or UUCP or ACSnet or
BITNET mail..)

We now recognise MTA, MUA, MDA and we live with SMTP/TLS, IMAP and POP.
Oh, and Gmail...

On Tue, Aug 21, 2018 at 4:08 AM, Paul Vixie <p...@redbarn.org> wrote:
>
>
> Andrew Sullivan wrote:
> ....
>>
>>
>> I guess, therefore, I want to ask whether long-standing assumptions
>> about the DNS are still true:
>>
>>      • Is the stub::full-service resolver::auth server model just over?
>
>
> no.
>
>>      • Do we think resolution context needs signal?  If so, how?
>
>
> yes. DTLS or DOT or DNS Cookies should be the norm, to provide session
> context, and make spoofing of responses or of request IP addresses less
> trivial.
>
>>      • Is the age of the stub coming to an end?
>
>
> no.
>
>>      • Do we need something like "submission port for DNS", so that
>>      large concentrated systems can protect themselves and still
>>      provide service to important resolvers?
>
>
> no.
>
>>      • Does TCP need to become the norm (particularly for the above use
>>      case)?
>
>
> no.
>
>>      • How can we explain these changes to others working on network
>>      systems?
>
>
> better documents. it's rare any more to separate concepts and facilities
> from the specification itself. that should be common.
>
>>      • Do we have an appropriate venue to discuss these issues, on the
>>      presumption that they're not really operations issues?
>
>
> no. right now DNS is whatever anybody wants it to be. for example, ECS.
> there is no way to say, "this is a bad idea, and won't be standardized."
> there cannot be a way to do this, inside the ietf as it is. last time this
> was done it was by a "DNS Directorate" put together for that sole purpose,
> and it was extremely controversial -- won't scale.
>
> --
> P Vixie
>
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
