[dns-operations] DNS Flag Day 2020 will become effective on 2020-10-01

[Fernando Gont]

Hi, Paul,

On 10/9/20 23:22, Paul Vixie wrote:
> 
> 
> Petr Špaček wrote on 2020-09-08 03:04:
>> Dear DNS people.
>>
>> We are happy to announce next step for DNS Flag Day 2020.
>>
>> Latest measurements indicate that practical breakage caused by the proposed change is tiny [1]. In other words we can conclude that the Internet is ready for the change.
> 
> from that study i conclude that the breakage caused by a larger default 
> bufsize than this so-called "flag day" proposes would be equally tiny.
> 
>> The long delayed DNS Flag Day will become effective on 2020-10-01 (October 1st 2020)!
> 
> i strongly recommend that this not be done.

I'm mostly an occasional lurker when it comes to this list, so I've 
never heard your arguments against it.

If you could summarize them or provide a reference to some post/text 
that summarizes them, I'd be grateful. (whether on- or off-list, since 
the point is to understand them, rather than re-hash the discussion).

Unless I'm missing something, fragmentation is pretty broken, 
particularly when it comes to IPv6 -- see e.g. the numbers in RFC7872.
The upcoming RFC8900 (https://www.rfc-editor.org/authors/rfc8900.txt) 
argues in the same direction.

Even over ten years ago there were already talks on how to deal with 
this problem, and the associated implications (e.g. 
https://www.gont.com.ar/talks/IETF76/fgont-ietf76-dnsext-tcp-security.pdf 
). -- Although I don't know where/how/why things got stuck.

Thanks!

Regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492