[NCAP-Discuss] FINAL REVIEW: NCAP Public Comment responses

rubensk at nic.br rubensk at nic.br
Mon May 9 20:01:37 UTC 2022


The answer as currently written mistakes collisions for collision analysis. QNM makes no change whatsoever to the collision phenomenon, which starts at the originator environment.

To the contrary, the more centralized recursive servers people use, the fewer collisions they face. And since there is a positive correlation between usage of centralized recursive and QNM adoption, it's possible and likely that QNM is correlated with fewer collisions (although not being any causal relation).

Also, even for analysis, QNM is an issue for passive analysis only. Ads-based or server-based active analysis has access to the effective hostname being queried or being accessed.


Rubens



> On 9 May 2022, at 16:18, Thomas, Matthew via NCAP-Discuss <ncap-discuss at icann.org> wrote:
> 
> Jeff,
> 
> With item #1 below, I’m going to say we discussed those impacts within the context of name collisions several times. Let me just talk to the first technology change w/r/t Qname Minimization (QNM). We have referenced other bodies of work [1] [2] [3] that have measured longitudinally the deployment of QNM; furthermore, we have examined those impacts to the various case study strings presented and ultimately arrived at the inclusion of labels beyond the TLD to be part of the CDMs. Understanding the labels, their diversity, their context, etc. provides valuable insights into current usage of the non-existent TLD and helps inform potential remediation/outreach efforts. The Root Cause report reiterates that sentiment. Furthermore, I’ll note that deployment of various types of QNM techniques by resolvers also impacts name collision analysis at the second label – not all resolvers “chop off” the extra labels, some add random labels, which will impact any risk assessment.
> 
> As for other changes within the DNS, there are several resources that clearly show additional impacts [4] [5].
> 
> Matt
> 
> [1] https://blog.verisign.com/security/maximizing-qname-minimization-a-new-chapter-in-dns-protocol-evolution/
> [2] https://dnsthought.nlnetlabs.nl/#qnamemin
> [3] https://research.utwente.nl/en/publications/a-first-look-at-qname-minimization-in-the-domain-name-system
> [4] https://dash.harvard.edu/bitstream/handle/1/35979525/DNS_NBER_Working_Paper.pdf
> [5] https://rssac002.root-servers.org/volume_udp_v_tcp_queries.html
> 
> From: NCAP-Discuss <ncap-discuss-bounces at icann.org> on behalf of Jeff Schmidt via NCAP-Discuss <ncap-discuss at icann.org>
> Reply-To: Jeff Schmidt <jschmidt at jasadvisors.com>
> Date: Monday, May 9, 2022 at 2:21 PM
> To: Jennifer Bryce <jennifer.bryce at icann.org>, "ncap-discuss at icann.org" <ncap-discuss at icann.org>
> Subject: [EXTERNAL] Re: [NCAP-Discuss] FINAL REVIEW: NCAP Public Comment responses
> 
> I have concerns about our responses to the RySG comments:
> 
> (1) Regarding “changes to the DNS traffic” we have bantered about how qname minimization, doh, local roots, and a handful of other technical changes may impact collisions but I don’t recall anything more rigorous than banter. The “we believe there are changes to DNS traffic…” seems hollow, unsupported, and unactionable. Have we discussed this? Case Study 4.0 presents the issue at a high level but there are no conclusions vis-à-vis collisions.
> 
> (2) The larger RySG comment (row 21 in the Excel) deserves more than the dismissal currently in our response. The RySG comment is fundamental to what this group is tasked to accomplish: do the Case Study and/or Perspective Study indicate there is opportunity to make material improvements to existing procedures? Case Study 5.6 states that the conclusions the community came to a decade ago are “still sound.” We have generated lots of words, pretty graphs, statistics of all types, but I don’t think we’ve made any clear statements about how to materially improve existing procedures.
> 
> I think the RySG comment (and for that matter the OCTO comment) are canaries in the coalmine here that we should not merely dismiss or address defensively. These are sophisticated folks that made substantive comments. And these are the folks that need our help to address this issue.
> 
> Jeff
> 
> 
> From: NCAP-Discuss <ncap-discuss-bounces at icann.org> On Behalf Of Jennifer Bryce
> Sent: Monday, May 9, 2022 8:08 AM
> To: ncap-discuss at icann.org
> Subject: [NCAP-Discuss] FINAL REVIEW: NCAP Public Comment responses
> 
> Dear NCAP DG members,
> 
> Heather has updated the public comment responses (linked below and Excel version attached) as per the feedback collected from the NCAP Discussion Group call on 27 April. The only lines that changed (beyond adding a “thank you for your feedback”) were lines 14, 20, 21, and 22, as highlighted in the document.
> 
> FINAL CALL ON THE PUBLIC COMMENT RESPONSE DOCUMENT: Please review the highlighted changes. If you have any concerns, please raise them on this list before the 11 May Discussion Group call. The finalized document will be included as an appendix in the NCAP Study 2 draft report.
> 
> Link to Google doc: https://docs.google.com/spreadsheets/d/1zOp-ClPdGqkmwE2xf0HhLg7SKvL3AFmz4ArSRuUF3BI/edit#gid=0
> 
> Thanks,
> Jennifer
> --
> Jennifer Bryce
> Project Manager, Office of the Chief Technology Officer (OCTO)
> Internet Corporation for Assigned Names and Numbers (ICANN)
> 
> Skype: jennifer.bryce.icann
> Email: jennifer.bryce at icann.org

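An added illustration, not part of the thread or of any NCAP tooling, of what the messages above discuss: how QNAME minimization changes the labels a passive observer at the root can count for a non-delegated TLD. The sample queries, the mode names and the hash-derived stand-in for a resolver's "random label" are all assumptions made for this sketch.

```python
import hashlib
from collections import defaultdict

# Constructed sample: queries leaking toward the root for a non-delegated TLD.
SAMPLE_QUERIES = [
    "printer.hq.corp.",
    "mail.hq.corp.",
    "wpad.corp.",
    "fileserver.branch.corp.",
    "wpad.corp.",
]


def root_view(qname, mode):
    """Name a root server would receive for qname, per resolver behaviour.

    "full"      : classic resolver, sends the whole QNAME
    "minimized" : QNM resolver that chops off everything below the TLD
    "random"    : QNM variant that sends a synthetic label under the TLD
                  (modelled with a hash prefix; an assumption of this sketch)
    """
    tld = qname.rstrip(".").split(".")[-1]
    if mode == "full":
        return qname
    if mode == "minimized":
        return tld + "."
    if mode == "random":
        junk = hashlib.sha256(qname.encode()).hexdigest()[:8]
        return f"{junk}.{tld}."
    raise ValueError(f"unknown mode: {mode}")


def second_label_diversity(queries, mode):
    """Distinct second-level labels per TLD, as seen passively at the root."""
    seen = defaultdict(set)
    for q in queries:
        labels = root_view(q, mode).rstrip(".").split(".")
        bucket = seen[labels[-1]]      # record the TLD even with no second label
        if len(labels) >= 2:
            bucket.add(labels[-2])
    return {tld: len(found) for tld, found in seen.items()}


if __name__ == "__main__":
    for mode in ("full", "minimized", "random"):
        print(mode, second_label_diversity(SAMPLE_QUERIES, mode))
```

With full QNAMEs the observer counts the real second-level labels; with chopped names it counts none; with synthetic labels it counts values that say nothing about the originating namespace.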