Specification of DNS over Dedicated QUIC ConnectionsPrivate Octopus Inc.427 Golfcourse RdFriday HarborWA 98250U.S.Ahuitema@huitema.netSalesforceamankin@salesforce.comSinodun ITOxford Science ParkOxfordOX4 4GAU.K.sara@sinodun.com
Transport
Internet-DraftThis document describes the use of QUIC to provide transport privacy for DNS.
The encryption provided by QUIC has similar properties to that provided by TLS,
while QUIC transport eliminates the head-of-line blocking issues inherent with
TCP and provides more efficient error corrections than UDP. DNS over QUIC
(DoQ) has privacy properties similar to DNS over TLS (DoT) specified in RFC7858,
and latency characteristics similar to classic DNS over UDP.Domain Name System (DNS) concepts are specified in "Domain names - concepts
and facilities" . The transmission of DNS queries and responses
over UDP and TCP is specified in "Domain names - implementation and
specification" . This
document presents a mapping of the DNS protocol over the QUIC
transport .
DNS over QUIC is referred here as DoQ, in line with the "Terminology for DNS
Transports and Location" . The
goals of the DoQ mapping are:Provide the same DNS privacy protection as DNS over TLS (DoT)
. This includes an option for the client to
authenticate the server by means of an authentication domain
name as specified in "Usage Profiles for DNS over TLS and DNS
over DTLS" .Provide an improved level of source address validation for DNS
servers compared to classic DNS over UDP.Provide a transport that is not constrained by path MTU limitations on the
size of DNS responses it can send.Explore the characteristics of using QUIC as a DNS
transport, versus other solutions like DNS over UDP ,
DoT , or DNS over HTTPS (DoH) .In order to achieve these goals, the focus of this document is limited
to the "stub to recursive resolver" scenario also addressed by DoT .
That is, the protocol described here works for queries and responses between
stub clients and recursive servers. The specific non-goals of this document are:No attempt is made to support AXFR "DNS Zone Transfer Protocol (AXFR)"
or IXFR "Incremental Zone Transfer in DNS" , as these mechanisms
are not relevant to the stub to recursive resolver scenario. (This may change in
future versions of this draft. See for a discussion of changes required
for AXFR support.)No attempt is made to evade potential blocking of DNS over QUIC
traffic by middleboxes.No attempt to support server initiated transactions, are these are not
relevant for the "stub to recursive resolver" scenario, see .Users interested in zone transfers should continue using TCP based
solutions and will also want to take note of work in progress to
support "DNS Zone Transfer-over-TLS" .Specifying the transmission of an application over QUIC requires
specifying how the application's messages are mapped to QUIC streams, and
generally how the application will use QUIC. This is done for HTTP
in "Hypertext Transfer Protocol Version 3 (HTTP/3)".
The purpose of this document is to define
the way DNS messages can be transmitted over QUIC.In this document, presents the reasoning that guided
the proposed design. specifies the actual mapping of DoQ.
presents guidelines on the implementation, usage
and deployment of DoQ.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14 .(THIS SECTION TO BE REMOVED BEFORE PUBLICATION) The Github repository for this
document is at https://github.com/huitema/dnsoquic.
Proposed text and editorial changes are very much welcomed there, but any
functional changes should always first be discussed on the IETF DPRIVE WG (dns-privacy) mailing list.This section and its subsection present the design guidelines that
were used for DoQ. This section is
informative in nature.Usage scenarios for the DNS protocol can be broadly classified in three
groups: stub to recursive resolver, recursive resolver to
authoritative server, and server to server. This design focuses only on the
"stub to recursive resolver" scenario following the approach taken in
DoT and "Usage Profiles for DNS over TLS and DNS over DTLS" .QUESTION: Should this document specify any aspects of configuration of
discoverability differently to DoT?No attempt is made to address the recursive to authoritative scenarios.
Authoritative resolvers are discovered dynamically through NS records. It is
noted that at the time of writing work is ongoing in the DPRIVE working group to
attempt to address the analogous problem for DoT
. In the absence of an agreed way for
authoritative to signal support for QUIC transport, recursive resolvers would
have to resort to some trial and error process. At this stage of QUIC
deployment, this would be mostly errors, and does not seem attractive. This
could change in the future.The DNS protocol is also used for zone transfers. In the AXFR zone transfer scenario
, the client emits a single AXFR query, and the server responds
with a series of AXFR responses. This creates a unique profile, in which a query
results in several responses. Supporting that profile would complicate the
mapping of DNS queries over QUIC streams. Zone transfers are not used in the
stub to recursive scenario that is the focus here, and seem to be currently well
served by using DNS over TCP. There is no attempt to support either AXFR or IXFR in
this proposed mapping of DNS to QUIC.DoT defines how
to mitigate some of the issues described in "DNS Privacy Considerations" by specifying how to transmit
DNS messages over TLS.
The "Usage Profiles for DNS over TLS and DNS over DTLS" specify
Strict and Opportunistic Usage Profiles for DoT
including how stub resolvers can authenticate recursive resolvers.QUIC connection setup includes the negotiation of security parameters using TLS,
as specified in "Using TLS to Secure QUIC" , enabling encryption of the QUIC
transport. Transmitting DNS messages over QUIC will provide essentially the same
privacy protections as DoT including Strict and Opportunistic Usage Profiles
. Further discussion on this
is provided in .QUIC is specifically designed to reduce the delay between HTTP
queries and HTTP responses. This is achieved through three main
components:Support for 0-RTT data during session resumption.Support for advanced error recovery procedures as specified in
"QUIC Loss Detection and Congestion Control" .Mitigation of head-of-line blocking by allowing parallel
delivery of data on multiple streams.This mapping of DNS to QUIC will take advantage of these features in
three ways:Optional support for sending 0-RTT data during session resumption
(the security and privacy implications of this are discussed
in later sections).Long-lived QUIC connections over which multiple DNS transactions
are performed,
generating the sustained traffic required to benefit from
advanced recovery features.Fast resumption of QUIC connections to manage the disconnect-on-idle
feature of QUIC without incurring retransmission time-outs.Mapping of each DNS Query/Response transaction to a separate stream,
to mitigate head-of-line blocking. This enables servers to respond
to queries "out of order". It also enables clients to process
responses as soon as they arrive, without having to wait for in
order delivery of responses previously posted by the server.These considerations will be reflected in the mapping of DNS traffic
to QUIC streams in .The mapping of DNS over QUIC is defined for minimal overhead and
maximum performance. This means a different traffic profile than HTTP3 over
QUIC. This difference can be
noted by firewalls and middleboxes. There may be environments in
which HTTP3 over QUIC will be able to pass through, but DoQ will be
blocked by these middle boxes.As stated in , this document does not specify support for
server initiated transactions because these are not relevant for the "stub to
recursive resolver" scenario. Note that "DNS Stateful Operations" (DSO)
are only applicable for DNS over TCP and DNS over TLS. DSO is not
applicable to DNS over HTTP since HTTP has its own mechanism for managing
sessions, and this is incompatible with the DSO; the same is true for DNS over
QUIC.DoQ connections are established as described in the QUIC transport specification
. During connection establishment, DoQ
support is indicated by selecting the ALPN token "doq" in the crypto
handshake.RFC Editor's Note: Please remove this section prior to
publication of a final version of this document.Only implementations of the final, published RFC can identify
themselves as "doq". Until such an RFC exists, implementations MUST
NOT identify themselves using this string.Implementations of draft versions of the protocol MUST add the string
"-" and the corresponding draft number to the identifier. For
example, draft-ietf-dprive-dnsoquic-00 is identified using the
string "doq-i00".By default, a DNS server that supports DoQ MUST listen for and
accept QUIC connections on the dedicated UDP port TBD (number to be
defined in ), unless it has mutual
agreement with its clients to use a port other than TBD for DoQ.
In order to use a port other than TBD, both clients and
servers would need a configuration option in their software.By default, a DNS client desiring to use DoQ with a
particular server MUST establish a QUIC connection to UDP port TBD on
the server, unless it has mutual agreement with its server to use a
port other than port TBD for DoQ. Such another port MUST
NOT be port 53 or port 853. This recommendation against use of port
53 for DoQ is to avoid confusion between DoQ and the use of
DNS over UDP . Similarly, using port 853
would cause confusion between DoQ and DNS over DTLS .The mapping of DNS traffic over QUIC streams takes advantage of the
QUIC stream features detailed in Section 2 of the QUIC transport specification
.The stub to resolver DNS traffic follows a simple pattern in which
the client sends a query, and the server provides a response. This design
specifies that for each subsequent query on a QUIC connection the client MUST
select the next available client-initiated bidirectional stream, in
conformance with the QUIC transport specification .The client MUST send the DNS query over the selected stream, and MUST
indicate through the STREAM FIN mechanism that no further data will
be sent on that stream.The server MUST send the response on the same stream, and MUST
indicate through the STREAM FIN mechanism that no further
data will be sent on that stream.Therefore, a single client initiated DNS transaction consumes a single stream.
This means that the client's first query occurs on QUIC stream 0, the second on 4,
and so on.Peers normally complete transactions by sending a DNS response on the
transaction's stream, including cases where the DNS response indicates a
DNS error. For example, a Server
Failure (SERVFAIL, ) SHOULD be notified to the initiator of
the transaction by sending back a response with the Response Code set
to SERVFAIL.If a peer is incapable of sending a DNS response due to an internal
error, it may issue a QUIC Stream Reset with error code DOQ_INTERNAL_ERROR.
The corresponding transaction MUST be abandoned.The following error codes are defined for use when abruptly terminating streams,
aborting reading of streams, or immediately closing connections:
No error. This is used when the connection or stream needs to be closed, but
there is no error to signal.
The DoQ implementation encountered an internal error and is incapable of
pursuing the transaction or the connectionSection 10 of the QUIC transport specification
specifies that connections can be closed in three ways:idle timeoutimmediate closestateless resetClients and servers implementing DNS over QUIC SHOULD negotiate use of
the idle timeout. Closing on idle timeout is done without any packet exchange,
which minimizes protocol overhead. Per section 10.2 of the QUIC transport
specification, the effective value of the idle timeout is computed as the
minimum of the values advertised by the two endpoints. Practical
considerations on setting the idle timeout are discussed in
.Clients SHOULD monitor the idle time incurred on their connection to
the server, defined by the time spent since the last packet from
the server has been received. When a client prepares to send a new DNS
query to the server, it will check whether the idle time is sufficient
lower than the idle timer. If it is, the client will send the DNS
query over the existing connection. If not, the client will establish
a new connection and send the query over that connection.Clients MAY discard their connection to the server before the idle
timeout expires. If they do that, they SHOULD close the connection
explicitly, using QUIC's CONNECTION_CLOSE mechanisms, and indicating
the Application reason "No Error".Clients and servers MAY close the connection for a variety of other
reasons, indicated using QUIC's CONNECTION_CLOSE. Client and servers
that send packets over a connection discarded by their peer MAY
receive a stateless reset indication. If a connection fails,
all queries in progress over the connection MUST be considered failed,
and a Server Failure (SERVFAIL, ) SHOULD be notified
to the initiator of the transaction.A stub resolver MAY take advantage of the connection resume
mechanisms supported by QUIC transport and
QUIC TLS . Stub resolvers SHOULD consider
potential privacy issues associated with session resume before
deciding to use this mechanism. These privacy issues are detailed in
.When resuming a session, a stub resolver MAY take advantage of the
0-RTT mechanism supported by QUIC. The 0-RTT mechanism MUST NOT be
used to send data that is not "replayable" transactions. For
example, a stub resolver MAY transmit a Query as 0-RTT, but MUST NOT
transmit an Update.DoQ Queries and Responses are sent
on QUIC streams, which in theory can carry up to 2^62 bytes. However, DNS
messages are restricted in practice to a maximum size of 65535 bytes.
This maximum size is enforced by the use of a two-octet message length
field in DNS over TCP and DNS over TLS , and
by the definition of the "application/dns-message" for DNS over HTTP
. DoQ enforces the same restriction.The flow control mechanism of QUIC control how much data can be sent
by QUIC nodes at a given time. The initial values of per stream
flow control parameters is defined by two transport parameters:initial_max_stream_data_bidi_local: when set by the client, specifies
the amount of data that servers can send on a "response" stream without
waiting for a MAX_STREAM_DATA frame.initial_max_stream_data_bidi_remote: when set by the server, specifies
the amount of data that clients can send on a "query" stream without
waiting for a MAX_STREAM_DATA frame.For better performance, it is RECOMMENDED that clients and servers set
each of these two parameters to a value of 65535 or greater.The Extension Mechanisms for DNS (EDNS) allow peers to specify
the UDP message size. This parameter is ignored by DoQ. DoQ implementations
always assume that the maximum message size is 65535 bytes.For the stub to recursive resolver scenario, the authentication
requirements are the same as described in DoT and
"Usage Profiles for DNS over TLS and DNS over DTLS"
. There is no need to
authenticate the client's identity in either scenario.If the establishment of the DoQ connection fails, clients
SHOULD attempt to fall back to DoT and then potentially clear
text, as specified in DoT and
"Usage Profiles for DNS over TLS and DNS over DTLS"
, depending on their privacy
profile.DNS clients SHOULD remember server IP addresses that don't support
DoQ, including timeouts, connection refusals, and QUIC
handshake failures, and not request DoQ from them for a
reasonable period (such as one hour per server). DNS clients
following an out-of-band key-pinned privacy profile () MAY
be more aggressive about retrying DoQ connection failures.Section 8 of the QUIC transport specification defines Address Validation procedures
to avoid servers being used in address amplification attacks. DoQ implementations
MUST conform to this specification, which limits the worst case
amplification to a factor 3.DoQ implementations SHOULD consider configuring servers to use
the Address Validation using Retry Packets procedure defined in
section 8.1.2 of the QUIC transport specification ). This procedure
imposes a 1-RTT delay for verifying the return routability of the
source address of a client, similar to the DNS Cookies mechanism
.DoQ implementations that configure Address Validation using Retry
Packets SHOULD implement the Address Validation for Future Connections
procedure defined in section 8.1.3 of the QUIC transport specification ).
This defines how servers can send NEW TOKEN frames to clients after the
client address is validated, in order to avoid the 1-RTT penalty during
subsequent connections by the client from the same address.When sending queries over a QUIC connection, the DNS Message ID MUST be set to
zero.There are mechanisms specified for padding individual DNS messages
in "The EDNS(0) Padding Option" and for padding within QUIC
packets (see Section 8.6 of the QUIC transport specification ).Implementations SHOULD NOT use DNS options for
padding individual DNS messages, because QUIC transport
MAY transmit multiple STREAM frames containing separate DNS messages in
a single QUIC packet. Instead, implementations SHOULD use QUIC PADDING frames
to align the packet length to a small set of fixed sizes, aligned with
the recommendations of the "Padding Policies
for Extension Mechanisms for DNS (EDNS(0))" ."DNS Transport over TCP - Implementation
Requirements" provides updated
guidance on DNS over TCP, some of which is applicable to DoQ. This
section attempts to specify which and how those considerations apply to DoQ.Historic implementations of DNS stub resolvers are known to open and
close TCP connections for each DNS query. To avoid excess QUIC
connections, each with a single query, clients SHOULD reuse a single
QUIC connection to the recursive resolver.In order to achieve performance on par with UDP, DNS clients SHOULD
send their queries concurrently over the QUIC streams on a QUIC connection.
That is, when a DNS client
sends multiple queries to a server over a QUIC connection, it SHOULD NOT wait
for an outstanding reply before sending the next query.Proper management of established and idle connections is important to
the healthy operation of a DNS server. An implementation of DoQ
SHOULD follow best practices similar to those specified for DNS over TCP
, in particular with regard to:Concurrent Connections (Section 6.2.2)Security Considerations (Section 10)Failure to do so may lead to resource exhaustion and denial of service.Clients that want to maintain long duration DoQ connections SHOULD use the idle
timeout mechanisms defined in Section 10.2 of the QUIC transport specification
. Clients and servers MUST NOT send the
edns-tcp-keepalive EDNS(0) Option in any messages sent on a DoQ
connection (because it is specific to the use of TCP/TLS as a transport). If any
message sent on a DoQ connection contains an edns-tcp-keepalive EDNS(0) Option,
this is a fatal error and the recipient of the defective message MUST forcibly
abort the connection immediately.This document does not make specific recommendations for timeout
values on idle connections. Clients and servers should reuse and/or
close connections depending on the level of available resources.
Timeouts may be longer during periods of low activity and shorter
during periods of high activity.Clients that are willing to use QUIC's 0-RTT mechanism can reestablish
connections and send transactions on the new connection with minimal
delay overhead. These clients MAY chose low values of the idle timer.As specified in Section 7 of "DNS Transport over TCP - Implementation
Requirements" , resolvers are RECOMMENDED to
support the preparing of responses in parallel and sending them out
of order. In DoQ, they do that by sending responses on their specific
stream as soon as possible, without waiting for availability of responses
for previously opened streams.Servers and Clients manage flow control as specified in QUIC.Servers MAY use the "maximum stream ID" option of the QUIC
transport to limit the number of streams opened by the
client. This mechanism will effectively limit the number of
DNS queries that a client can send on a single DoQ connection.(THIS SECTION TO BE REMOVED BEFORE PUBLICATION) This section records the status
of known implementations of the protocol defined by this specification at the
time of posting of this Internet-Draft, and is based on a proposal described in
.AdGuard launched a DoQ recursive resolver service in December 2020. They have
released a suite of open source tools that support DoQ:
AdGuard C++ DNS libraries A DNS proxy
library that supports all existing DNS protocols including DNS-over-TLS, DNS-over-HTTPS,
DNSCrypt and DNS-over-QUIC (experimental).DNS Proxy A simple DNS proxy server that supports
all existing DNS protocols including DNS-over-TLS, DNS-over-HTTPS, DNSCrypt, and DNS-over-QUIC.
Moreover, it can work as a DNS-over-HTTPS, DNS-over-TLS or DNS-over-QUIC server.CoreDNS fork for AdGuard DNS Includes DNS-over-QUIC
server-side support.dnslookup Simple command line utility to make DNS lookups.
Supports all known DNS protocols: plain DNS, DoH, DoT, DoQ, DNSCrypt.Quicdoq Quicdoq is a simple open
source implementation of DNS over Quic. It is written in C, based on
Picoquic.Flamethrower is an open source
DNS performance and functional testing utility written in C++ that has an experimental implementation of DoQ.aioquic is an implementation of QUIC in Python. It includes
example client and server for DNS over QUIC.To our knowledge, no benchmarking studies comparing DoT, DoH and DoQ are published yet. However anecdotal
evidence from the AdGuard DoQ recursive resolver deployment
indicates that it performs well compared to the other encrypted protocols, particularly in mobile environments.
Reasons given for this include that DoQUses less bandwidth due to a more efficient handshake (and due to less per message overhead when compared to DoH).Performs better in mobile environments due to the increased resilience to packet lossCan maintain connections as users move between mobile networks via its connection managementThe security considerations of DoQ should be comparable to
those of DoT .DoQ is specifically designed to protect the DNS traffic
between stub and resolver from observations by third parties, and
thus protect the privacy of queries sent by the stub. However, the recursive
resolver has full visibility of the stub's traffic, and could be used
as an observation point, as discussed in the revision of "DNS Privacy
Considerations" . These considerations
do not differ between DoT and DoQ and are not discussed
further here.QUIC incorporates the mechanisms of TLS 1.3 and
this enables QUIC transmission of "0-RTT" data. This can
provide interesting latency gains, but it raises two concerns:Adversaries could replay the 0-RTT data and infer its content
from the behavior of the receiving server.The 0-RTT mechanism relies on TLS resume, which can provide
linkability between successive client sessions.These issues are developed in and
.The 0-RTT data can be replayed by adversaries. That data may
trigger queries by a recursive resolver to authoritative
resolvers. Adversaries may be able to pick a time at which the
recursive resolver outgoing traffic is observable, and thus find out
what name was queried for in the 0-RTT data.This risk is in fact a subset of the general problem of observing the
behavior of the recursive resolver discussed in "DNS Privacy Considerations" . The
attack is partially mitigated by reducing the observability of this
traffic. However, the risk is amplified for 0-RTT data, because the
attacker might replay it at chosen times, several times.The recommendation for TLS 1.3 is that the capability to
use 0-RTT data should be turned off by default, and only enabled if
the user clearly understands the associated risks.QUESTION: Should 0-RTT only be used with Opportunistic profiles (i.e.
disabled by default for Strict only)?The QUIC session resume mechanism reduces the cost of re-establishing
sessions and enables 0-RTT data. There is a linkability issue
associated with session resume, if the same resume token is used
several times, but this risk is mitigated by the mechanisms
incorporated in QUIC and in TLS 1.3. With these mechanisms, clients
and servers can cooperate to avoid linkability by third parties.
However, the server will always be able to link the resumed session
to the initial session. This creates a virtual long duration
session. The series of queries in that session can be used by the
server to identify the client.Enabling the server to link client sessions through session resume is
probably not a large additional risk if the client's connectivity did
not change between the sessions, since the two sessions can probably
be correlated by comparing the IP addresses. On the other hand, if
the addresses did change, the client SHOULD consider whether the
linkability risk exceeds the performance benefits. This evaluation will
obviously depend on the level of trust between stub and recursive.Even though QUIC packets are encrypted, adversaries can gain information from
observing packet lengths, in both queries and responses, as well as packet
timing. Many DNS requests are emitted by web browsers. Loading a specific
web page may require resolving dozen of DNS names. If an application
adopts a simple mapping of one query or response per packet, or "one
QUIC STREAM frame per packet", then the succession of packet lengths may
provide enough information to identify the requested site.Implementations SHOULD use the mechanisms defined in to
mitigate this attack.This document creates a new registration for the identification of
DoQ in the "Application Layer Protocol Negotiation (ALPN)
Protocol IDs" registry .The "doq" string identifies DoQ:Protocol: DoQIdentification Sequence: 0x64 0x6F 0x71 ("doq")Specification: This documentIANA is required to add the following value to the "Service Name and
Transport Protocol Port Number Registry" in the System Range. The
registry for that range requires IETF Review or IESG Approval
, and such a review was requested using the early allocation
process for the well-known UDP port in this document. Since
port 853 is reserved for 'DNS query-response protocol run over TLS'
consideration is requested for reserving port 8853 for 'DNS query-response
protocol run over QUIC'.RFC Editor's Note: Please remove this section prior to
publication of a final version of this document.Early experiments MAY use port 8853. This port is marked in the IANA
registry as unassigned.(Note that prior to version -02 of this draft, experiments were directed to use port 784.)This document liberally borrows text from the HTTP-3 specification
edited by Mike Bishop, and from the DoT specification authored by Zi Hu, Liang
Zhu, John Heidemann, Allison Mankin, Duane Wessels, and Paul Hoffman.The privacy issue with 0-RTT data and session resume were analyzed by
Daniel Kahn Gillmor (DKG) in a message to the IETF "DPRIVE" working
group .Thanks to Tony Finch for an extensive review of the initial version of this draft.
Reviews by Paul Hoffman and interoperability tests conducted by Stephane Bortzmeyer
helped improve the definition of the protocol.Domain names - concepts and facilitiesThis RFC is the revised basic definition of The Domain Name System. It obsoletes RFC-882. This memo describes the domain style names and their used for host address look up and electronic mail forwarding. It discusses the clients and servers in the domain name system and the protocol used between them.Domain names - implementation and specificationThis RFC is the revised specification of the protocol and format used in the implementation of the Domain Name System. It obsoletes RFC-883. This memo documents the details of the domain name client - server communication.QUIC: A UDP-Based Multiplexed and Secure TransportThis document defines the core of the QUIC transport protocol. QUIC provides applications with flow-controlled streams for structured communication, low-latency connection establishment, and network path migration. QUIC includes security measures that ensure confidentiality, integrity, and availability in a range of deployment circumstances. Accompanying documents describe the integration of TLS for key negotiation, loss detection, and an exemplary congestion control algorithm. DO NOT DEPLOY THIS VERSION OF QUIC DO NOT DEPLOY THIS VERSION OF QUIC UNTIL IT IS IN AN RFC. This version is still a work in progress. For trial deployments, please use earlier versions. Note to Readers Discussion of this draft takes place on the QUIC working group mailing list (quic@ietf.org (mailto:quic@ietf.org)), which is archived at https://mailarchive.ietf.org/arch/search/?email_list=quic Working Group information can be found at https://github.com/quicwg; source code and issues list for this draft can be found at https://github.com/quicwg/base-drafts/labels/-transport.Using TLS to Secure QUICThis document describes how Transport Layer Security (TLS) is used to secure QUIC. Note to Readers Discussion of this draft takes place on the QUIC working group mailing list (quic@ietf.org), which is archived at https://mailarchive.ietf.org/arch/search/?email_list=quic. Working Group information can be found at https://github.com/quicwg; source code and issues list for this draft can be found at https://github.com/quicwg/base-drafts/labels/-tls.Terminology for DNS Transports and LocationThis document adds terms and abbreviations to "DNS Terminology" (RFC 8499) that relate to DNS running over various transports, as well as terms and abbreviations for DNS resolution at traditional and non- traditional locations.Specification for DNS over Transport Layer Security (TLS)This document describes the use of Transport Layer Security (TLS) to provide privacy for DNS. Encryption provided by TLS eliminates opportunities for eavesdropping and on-path tampering with DNS queries in the network, such as discussed in RFC 7626. In addition, this document specifies two usage profiles for DNS over TLS and provides advice on performance considerations to minimize overhead from using TCP and TLS with DNS.This document focuses on securing stub-to-recursive traffic, as per the charter of the DPRIVE Working Group. It does not prevent future applications of the protocol to recursive-to-authoritative traffic.Usage Profiles for DNS over TLS and DNS over DTLSThis document discusses usage profiles, based on one or more authentication mechanisms, which can be used for DNS over Transport Layer Security (TLS) or Datagram TLS (DTLS). These profiles can increase the privacy of DNS transactions compared to using only cleartext DNS. This document also specifies new authentication mechanisms -- it describes several ways that a DNS client can use an authentication domain name to authenticate a (D)TLS connection to a DNS server. Additionally, it defines (D)TLS protocol profiles for DNS clients and servers implementing DNS over (D)TLS. This document updates RFC 7858.DNS Queries over HTTPS (DoH)This document defines a protocol for sending DNS queries and getting DNS responses over HTTPS. Each DNS query-response pair is mapped into an HTTP exchange.Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Extension Mechanisms for DNS (EDNS(0))The Domain Name System's wire protocol includes a number of fixed fields whose range has been or soon will be exhausted and does not allow requestors to advertise their capabilities to responders. This document describes backward-compatible mechanisms for allowing the protocol to grow.This document updates the Extension Mechanisms for DNS (EDNS(0)) specification (and obsoletes RFC 2671) based on feedback from deployment experience in several implementations. It also obsoletes RFC 2673 ("Binary Labels in the Domain Name System") and adds considerations on the use of extended labels in the DNS.Domain Name System (DNS) CookiesDNS Cookies are a lightweight DNS transaction security mechanism that provides limited protection to DNS servers and clients against a variety of increasingly common denial-of-service and amplification/ forgery or cache poisoning attacks by off-path attackers. DNS Cookies are tolerant of NAT, NAT-PT (Network Address Translation - Protocol Translation), and anycast and can be incrementally deployed. (Since DNS Cookies are only returned to the IP address from which they were originally received, they cannot be used to generally track Internet users.)DNS Transport over TCP - Implementation RequirementsThis document specifies the requirement for support of TCP as a transport protocol for DNS implementations and provides guidelines towards DNS-over-TCP performance on par with that of DNS-over-UDP. This document obsoletes RFC 5966 and therefore updates RFC 1035 and RFC 1123.Transport Layer Security (TLS) Application-Layer Protocol Negotiation ExtensionThis document describes a Transport Layer Security (TLS) extension for application-layer protocol negotiation within the TLS handshake. For instances in which multiple application protocols are supported on the same TCP or UDP port, this extension allows the application layer to negotiate which protocol will be used within the TLS connection.DNS + 0-RTTDNS Zone Transfer Protocol (AXFR)The standard means within the Domain Name System protocol for maintaining coherence among a zone's authoritative name servers consists of three mechanisms. Authoritative Transfer (AXFR) is one of the mechanisms and is defined in RFC 1034 and RFC 1035.The definition of AXFR has proven insufficient in detail, thereby forcing implementations intended to be compliant to make assumptions, impeding interoperability. Yet today we have a satisfactory set of implementations that do interoperate. This document is a new definition of AXFR -- new in the sense that it records an accurate definition of an interoperable AXFR mechanism. [STANDARDS-TRACK]Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6)This document specifies a set of Internet Control Message Protocol (ICMP) messages for use with version 6 of the Internet Protocol (IPv6). [STANDARDS-TRACK]DNS Zone Transfer-over-TLSDNS zone transfers are transmitted in clear text, which gives attackers the opportunity to collect the content of a zone by eavesdropping on network connections. The DNS Transaction Signature (TSIG) mechanism is specified to restrict direct zone transfer to authorized clients only, but it does not add confidentiality. This document specifies use of TLS, rather then clear text, to prevent zone content collection via passive monitoring of zone transfers: XFR-over-TLS (XoT). Additionally, this specification updates RFC1995, RFC5936 and RFC7766.Hypertext Transfer Protocol Version 3 (HTTP/3)The QUIC transport protocol has several features that are desirable in a transport for HTTP, such as stream multiplexing, per-stream flow control, and low-latency connection establishment. This document describes a mapping of HTTP semantics over QUIC. This document also identifies HTTP/2 features that are subsumed by QUIC, and describes how HTTP/2 extensions can be ported to HTTP/3. DO NOT DEPLOY THIS VERSION OF HTTP DO NOT DEPLOY THIS VERSION OF HTTP/3 UNTIL IT IS IN AN RFC. This version is still a work in progress. For trial deployments, please use earlier versions. Note to Readers Discussion of this draft takes place on the QUIC working group mailing list (quic@ietf.org), which is archived at https://mailarchive.ietf.org/arch/search/?email_list=quic. Working Group information can be found at https://github.com/quicwg; source code and issues list for this draft can be found at https://github.com/quicwg/base-drafts/labels/-http.DNS Privacy Requirements for Exchanges between Recursive Resolvers and Authoritative ServersThis document describes requirements and considerations for adding confidentiality to DNS exchanges between recursive resolvers and authoritative servers. The intent of this document is to guide Internet Drafts in the DNS Private Exchange (DPRIVE) Working Group pertaining to recursive to authorized name servers, with the stated requirements and considerations.DNS Privacy ConsiderationsThis document describes the privacy issues associated with the use of the DNS by Internet users. It is intended to be an analysis of the present situation and does not prescribe solutions.QUIC Loss Detection and Congestion ControlThis document describes loss detection and congestion control mechanisms for QUIC. Note to Readers Discussion of this draft takes place on the QUIC working group mailing list (quic@ietf.org (mailto:quic@ietf.org)), which is archived at https://mailarchive.ietf.org/arch/ search/?email_list=quic. Working Group information can be found at https://github.com/quicwg; source code and issues list for this draft can be found at https://github.com/quicwg/base-drafts/labels/-recovery.DNS Stateful OperationsThis document defines a new DNS OPCODE for DNS Stateful Operations (DSO). DSO messages communicate operations within persistent stateful sessions using Type Length Value (TLV) syntax. Three TLVs are defined that manage session timeouts, termination, and encryption padding, and a framework is defined for extensions to enable new stateful operations. This document updates RFC 1035 by adding a new DNS header OPCODE that has both different message semantics and a new result code. This document updates RFC 7766 by redefining a session, providing new guidance on connection reuse, and providing a new mechanism for handling session idle timeouts.DNS over Datagram Transport Layer Security (DTLS)DNS queries and responses are visible to network elements on the path between the DNS client and its server. These queries and responses can contain privacy-sensitive information, which is valuable to protect.This document proposes the use of Datagram Transport Layer Security (DTLS) for DNS, to protect against passive listeners and certain active attacks. As latency is critical for DNS, this proposal also discusses mechanisms to reduce DTLS round trips and reduce the DTLS handshake size. The proposed mechanism runs over port 853.The EDNS(0) Padding OptionThis document specifies the EDNS(0) "Padding" option, which allows DNS clients and servers to pad request and response messages by a variable number of octets.Padding Policies for Extension Mechanisms for DNS (EDNS(0))RFC 7830 specifies the "Padding" option for Extension Mechanisms for DNS (EDNS(0)) but does not specify the actual padding length for specific applications. This memo lists the possible options ("padding policies"), discusses the implications of each option, and provides a recommended (experimental) option.The edns-tcp-keepalive EDNS0 OptionDNS messages between clients and servers may be received over either UDP or TCP. UDP transport involves keeping less state on a busy server, but can cause truncation and retries over TCP. Additionally, UDP can be exploited for reflection attacks. Using TCP would reduce retransmits and amplification. However, clients commonly use TCP only for retries and servers typically use idle timeouts on the order of seconds.This document defines an EDNS0 option ("edns-tcp-keepalive") that allows DNS servers to signal a variable idle timeout. This signalling encourages the use of long-lived TCP connections by allowing the state associated with TCP transport to be managed effectively with minimal impact on the DNS transaction time.Improving Awareness of Running Code: The Implementation Status SectionThis document describes a simple process that allows authors of Internet-Drafts to record the status of known implementations by including an Implementation Status section. This will allow reviewers and working groups to assign due consideration to documents that have the benefit of running code, which may serve as evidence of valuable experimentation and feedback that have made the implemented protocols more mature.This process is not mandatory. Authors of Internet-Drafts are encouraged to consider using the process for their documents, and working groups are invited to think about applying the process to all of their protocol specifications. This document obsoletes RFC 6982, advancing it to a Best Current Practice.DNS Privacy ConsiderationsThis document describes the privacy issues associated with the use of the DNS by Internet users. It is intended to be an analysis of the present situation and does not prescribe solutions. This document obsoletes RFC 7626.The Transport Layer Security (TLS) Protocol Version 1.3This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations.Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number RegistryThis document defines the procedures that the Internet Assigned Numbers Authority (IANA) uses when handling assignment and other requests related to the Service Name and Transport Protocol Port Number registry. It also discusses the rationale and principles behind these procedures and how they facilitate the long-term sustainability of the registry.This document updates IANA's procedures by obsoleting the previous UDP and TCP port assignment procedures defined in Sections 8 and 9.1 of the IANA Allocation Guidelines, and it updates the IANA service name and port assignment procedures for UDP-Lite, the Datagram Congestion Control Protocol (DCCP), and the Stream Control Transmission Protocol (SCTP). It also updates the DNS SRV specification to clarify what a service name is and how it is registered. This memo documents an Internet Best Current Practice.Early IANA Allocation of Standards Track Code PointsThis memo describes the process for early allocation of code points by IANA from registries for which "Specification Required", "RFC Required", "IETF Review", or "Standards Action" policies apply. This process can be used to alleviate the problem where code point allocation is needed to facilitate desired or required implementation and deployment experience prior to publication of an RFC, which would normally trigger code point allocation. The procedures in this document are intended to apply only to IETF Stream documents.This draft version makes no attempt to support AXFR or IXFR queries. As defined in ,
the server responds to AXFR queries with a series of DNS response messages where"... the first message MUST begin with the SOA resource record of the zone, and
the last message MUST conclude with the same SOA resource record."and the QDCOUNT:MUST be 1 in the first message;MUST be 0 or 1 in all following messages;MUST be 1 if RCODE indicates an errorWhen the DNS protocol is carried over TCP or TLS, these messages are carried
over a single byte stream and each of them is preceded by a 16 bit length
field. The encapsulation currently defined in this draft does not include a
length field and assumes exactly one response message for each query.Note that since IXFR can fall back to an AXFR-like response if the server is not able to send an incremental change, this discussion also applies to those AXFR-like responses returned to an IXFR request in that scenario.There are two plausible ways to carry the series of AXFR responses in QUIC:
keep the current format and use a separate QUIC stream for each response; or,
relax the restriction of having just one response per QUIC stream. This second
option is much simpler to engineer. It will not require complex methods to
correlate different streams, and it will ensure that the responses in the
series are delivered in the intended order. However, it requires parsing the
response stream to extract separate responses. The practical requirement would
be that the content of the QUIC stream be exactly the same as the content of a
TCP connection that would manage exactly one query. The main difference with
the current proposal would be to insert a length field before each response. So
we would get:For a query: open a bidirectional stream, send the query encoded as { 16 bit
length, DNS query }, mark this stream direction as finished.For most responses: send the single response message encoded as { 16 bit
length, DNS response }, mark this stream direction as finished.For a response to an AXFR query: send a series of response messages encoded
as { 16 bit length, DNS response }, using the QDCOUNT convention as specified
in , mark this stream direction as finished when the entire
series is sent.This adds a length field that is not in the current draft, which breaks compatibility with the previous versions.
Draft versions are identified by draft version specific ALPN, which makes this change manageable. However,
the authors would like to get feedback from developers before making this change.The change will also add new error conditions: if the stream FIN happens before the bytes specified
in the message length field are sent; if the client expects a single response message and several are sent;
and, if the client expects AXFR responses but does not receive the expected pattern of QDCOUNT flagged messages.