idnits 2.17.1 draft-huitema-quic-dnsoquic-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (April 11, 2017) is 2572 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-11) exists of draft-ietf-dprive-dtls-and-tls-profiles-09 == Outdated reference: A later version (-34) exists of draft-ietf-quic-tls-02 == Outdated reference: A later version (-34) exists of draft-ietf-quic-transport-02 == Outdated reference: A later version (-01) exists of draft-hoffman-dns-in-existing-http2-00 == Outdated reference: A later version (-01) exists of draft-hoffman-dns-in-existing-quic-00 == Outdated reference: A later version (-20) exists of draft-ietf-dnsop-session-signal-02 == Outdated reference: A later version (-25) exists of draft-ietf-dnssd-push-10 == Outdated reference: A later version (-06) exists of draft-ietf-dprive-padding-policy-00 == Outdated reference: A later version (-34) exists of draft-ietf-quic-http-02 == Outdated reference: A later version (-34) exists of draft-ietf-quic-recovery-02 == Outdated reference: A later version (-28) exists of draft-ietf-tls-tls13-19 -- Obsolete informational reference (is this intentional?): RFC 7626 (Obsoleted by RFC 9076) Summary: 0 errors (**), 0 flaws (~~), 12 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group C. Huitema 3 Internet-Draft Private Octopus Inc. 4 Intended status: Standards Track M. Shore 5 Expires: October 13, 2017 Fastly 6 A. Mankin 7 Salesforce 8 S. Dickinson 9 Sinodun IT 10 J. Iyengar 11 Google 12 April 11, 2017 14 Specification of DNS over Dedicated QUIC Connections 15 draft-huitema-quic-dnsoquic-01 17 Abstract 19 This document describes the use of QUIC to provide transport privacy 20 for DNS. The encryption provided by QUIC has similar properties to 21 that provided by TLS, while QUIC transport eliminates the head-of- 22 line blocking issues inherent with TCP and provides more efficient 23 error corrections than UDP. DNS over QUIC has privacy properties 24 similar to DNS over TLS specified in RFC7858, and performance similar 25 to classic DNS over UDP. 27 Status of This Memo 29 This Internet-Draft is submitted in full conformance with the 30 provisions of BCP 78 and BCP 79. 32 Internet-Drafts are working documents of the Internet Engineering 33 Task Force (IETF). Note that other groups may also distribute 34 working documents as Internet-Drafts. The list of current Internet- 35 Drafts is at http://datatracker.ietf.org/drafts/current/. 37 Internet-Drafts are draft documents valid for a maximum of six months 38 and may be updated, replaced, or obsoleted by other documents at any 39 time. It is inappropriate to use Internet-Drafts as reference 40 material or to cite them other than as "work in progress." 42 This Internet-Draft will expire on October 13, 2017. 44 Copyright Notice 46 Copyright (c) 2017 IETF Trust and the persons identified as the 47 document authors. All rights reserved. 49 This document is subject to BCP 78 and the IETF Trust's Legal 50 Provisions Relating to IETF Documents 51 (http://trustee.ietf.org/license-info) in effect on the date of 52 publication of this document. Please review these documents 53 carefully, as they describe your rights and restrictions with respect 54 to this document. Code Components extracted from this document must 55 include Simplified BSD License text as described in Section 4.e of 56 the Trust Legal Provisions and are provided without warranty as 57 described in the Simplified BSD License. 59 Table of Contents 61 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 62 2. Key Words . . . . . . . . . . . . . . . . . . . . . . . . . . 4 63 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 64 4. Design Considerations . . . . . . . . . . . . . . . . . . . . 4 65 4.1. Scope is Limited to the Stub to Resolver Scenario . . . . 4 66 4.2. Provide DNS Privacy . . . . . . . . . . . . . . . . . . . 5 67 4.3. Design for Minimum Latency . . . . . . . . . . . . . . . 5 68 4.4. Development of QUIC Protocols and API . . . . . . . . . . 6 69 4.5. No Specific Middlebox Bypass Mechanism . . . . . . . . . 7 70 5. Specifications . . . . . . . . . . . . . . . . . . . . . . . 7 71 5.1. Connection Establishment . . . . . . . . . . . . . . . . 7 72 5.1.1. Draft Version Identification . . . . . . . . . . . . 7 73 5.1.2. Port Selection . . . . . . . . . . . . . . . . . . . 8 74 5.2. Stream Mapping and Usage . . . . . . . . . . . . . . . . 8 75 5.2.1. Server Initiated Transactions . . . . . . . . . . . . 9 76 5.2.2. Stream Reset . . . . . . . . . . . . . . . . . . . . 9 77 5.3. Closing the DNS over QUIC Connection . . . . . . . . . . 9 78 5.4. Connection Resume and 0-RTT . . . . . . . . . . . . . . . 10 79 6. Implementation Requirements . . . . . . . . . . . . . . . . . 10 80 6.1. Authentication . . . . . . . . . . . . . . . . . . . . . 10 81 6.2. Fall Back to Other Protocols on Connection Failure . . . 10 82 6.3. Response Sizes . . . . . . . . . . . . . . . . . . . . . 10 83 6.4. DNS Message IDs . . . . . . . . . . . . . . . . . . . . . 11 84 6.5. Padding . . . . . . . . . . . . . . . . . . . . . . . . . 11 85 6.6. Connection Handling . . . . . . . . . . . . . . . . . . . 11 86 6.6.1. Connection Reuse . . . . . . . . . . . . . . . . . . 11 87 6.6.2. Connection Close . . . . . . . . . . . . . . . . . . 12 88 6.6.3. Idle Timeouts . . . . . . . . . . . . . . . . . . . . 12 89 7. Security Considerations . . . . . . . . . . . . . . . . . . . 13 90 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 13 91 8.1. Privacy Issues With 0RTT data . . . . . . . . . . . . . . 13 92 8.2. Privacy Issues With Session Resume . . . . . . . . . . . 14 93 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 94 9.1. Registration of DNS over QUIC Identification String . . . 14 95 9.2. Reservation of Dedicated Port . . . . . . . . . . . . . . 14 96 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 15 97 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 15 98 11.1. Normative References . . . . . . . . . . . . . . . . . . 15 99 11.2. Informative References . . . . . . . . . . . . . . . . . 16 100 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 102 1. Introduction 104 Domain Name System (DNS) concepts are specified in [RFC1034]. This 105 document presents a mapping of the DNS protocol [RFC1035] over QUIC 106 transport [I-D.ietf-quic-transport]. The goals of this mapping are: 108 1. Provide the same DNS privacy protection as DNS over TLS 109 [RFC7858]. This includes to option for the client to 110 authenticate the server by means of an authentication domain name 111 [I-D.ietf-dprive-dtls-and-tls-profiles]. 113 2. Provide an improved level of source address validation for DNS 114 servers compared to DNS over UDP [RFC1035]. 116 3. Provide a transport that is not constrained by path MTU 117 limitations on the size of DNS responses it can send. 119 4. Explore the potential performance gains of using QUIC as a DNS 120 transport, versus other solutions like DNS over UDP [RFC1035] or 121 DNS over TLS [RFC7858]. 123 5. Participate in the definition of QUIC protocols and API, by 124 outlining a use case for QUIC different from HTTP over QUIC 125 [I-D.ietf-quic-http]. 127 In order to achieve these goals, the focus is limited to the "stub to 128 recursive resolver" scenario also addressed by [RFC7858], that is the 129 protocol described here works for queries and responses between stub 130 clients and recursive servers. The specific non-goals are: 132 1. No attempt is made to support zone transfers [RFC5936], as these 133 are not relevant to the stub to recursive resolver scenario. 135 2. No attempt is made to evade potential blocking of DNS over QUIC 136 traffic by middleboxes. 138 Users interested in zone transfers should continue using TCP based 139 solutions. Users interested in evading middleboxes should consider 140 using solutions like DNS over HTTPS [I-D.hoffman-dns-over-http] 141 [I-D.hoffman-dns-in-existing-http2], or DNS in existing QUIC 142 connections [I-D.hoffman-dns-in-existing-quic]. 144 Specifying the transmission of an application over QUIC requires to 145 specify how the application messages are mapped to QUIC streams, and 146 generally how the application will use QUIC. This is done for HTTP 147 in [I-D.ietf-quic-http]. The purpose of this document is to define 148 the way DNS can be transmitted over QUIC. 150 In this document, Section 4 presents the reasoning that guided the 151 proposed design. Section 5 specifies the actual mapping of DNS over 152 QUIC. Section 6 presents guidelines on the implementation, usage and 153 deployment of DNS over QUIC. 155 2. Key Words 157 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 158 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 159 document are to be interpreted as described in [RFC2119]. 161 3. Terminology 163 The term DNS/QUIC is used interchangeably with 'DNS over QUIC' 164 throughout this document. 166 TODO: Make this usage more consistent. 168 4. Design Considerations 170 This section and its subsection present the design guidelines that 171 were used for the proposed mapping of DNS over QUIC. This section is 172 informative in nature. 174 4.1. Scope is Limited to the Stub to Resolver Scenario 176 Usage scenarios for the DNS protocol can be broadly classified in 177 three groups: stub to recursive resolver, recursive resolver to 178 authoritative server, and server to server. This design focuses only 179 on the "stub to recursive resolver" scenario following the approach 180 taken in [RFC7858] and [I-D.ietf-dprive-dtls-and-tls-profiles]. 182 QUESTION: Should this document specify any aspects of configuration 183 of discoverability differently to DNS over TLS? 185 No attempt is made to address the recursive to authoritative 186 scenarios. Authoritative resolvers are discovered dynamically 187 through NS records. It is noted that at the time of writing work is 188 ongoing in the DPRIVE working group to attempt to address the 189 analogous problem for DNS over TLS [I-D.bortzmeyer-dprive-step-2]. 190 In the absence of an agreed way for authoritative to signal support 191 for QUIC transport, recursive resolvers would have to resort to some 192 trial and error process. At this stage of QUIC deployment, this 193 would be mostly errors, and does not seem attractive. This could 194 change in the future. 196 The DNS protocol is also used for zone transfers. In the zone 197 transfer scenario ([RFC5936]), the client emits a single AXFR query, 198 and the server responds with a series of AXFR responses. This 199 creates a unique profile, in which a query results in several 200 responses. Supporting that profile would complicate the mapping of 201 DNS queries over QUIC streams. Zone transfers are not used in the 202 stub to recursive scenario that is the focus here, and seem to be 203 currently well served by the DNS over TCP. There is no attempt to 204 support them in this proposed mapping of DNS to QUIC. 206 4.2. Provide DNS Privacy 208 DNS privacy considerations are described in [RFC7626]. [RFC7858] 209 defines how to mitigate some of these issues by transmitting DNS 210 messages over TLS and TCP and [I-D.ietf-dprive-dtls-and-tls-profiles] 211 specifies Strict and Opportunistic profiles for DNS over TLS 212 including how stub resolvers can authenticate recursive resolvers. 214 QUIC connection setup includes the negotiation of security parameters 215 using TLS, as specified in [I-D.ietf-quic-tls], enabling encryption 216 of the QUIC transport. Transmitting DNS messages over QUIC will 217 provide essentially the same privacy protections as [RFC7858] and 218 [I-D.ietf-dprive-dtls-and-tls-profiles]. Further discussion on this 219 is provided in Section 8. 221 4.3. Design for Minimum Latency 223 QUIC is specifically designed to reduce the delay between HTTP 224 queries and HTTP responses. This is achieved through three main 225 components: 227 1. Support for 0-RTT data during session resume. 229 2. Support for advanced error recovery procedures as specified in 230 [I-D.ietf-quic-recovery]. 232 3. Mitigation of head-of-line blocking by allowing parallel delivery 233 of data on multiple streams. 235 The mapping of DNS to QUIC will take advantage of these features in 236 three ways: 238 1. Optional support for sending 0-RTT data during session resume 239 (the security and privacy implications of this are discussed in 240 later sections). 242 2. Long-lived QUIC connections over which multiple DNS transactions 243 are performed, generating the sustained traffic required to 244 benefit from advanced recovery features. 246 3. Mapping of each DNS Query/Response transaction to a separate 247 stream, to mitigate head-of-line blocking. 249 These considerations will be reflected in the mapping of DNS traffic 250 to QUIC streams in Section 5.2. 252 4.4. Development of QUIC Protocols and API 254 QUIC is defined as a layered protocol, with application specific 255 mapping layered on top of the generic QUIC transport. The only 256 mapping defined at this stage is HTTP over QUIC [I-D.ietf-quic-http]. 257 Adding a different mapping for a different application contributes to 258 the development of QUIC. 260 HTTP/QUIC uses a dedicated control channel on a long-lived stream to 261 maintain connection state beyond the lifetime of individual requests, 262 such as relative priority of requests, settings, and other metadata. 263 These additional capabilities come at the cost of some complexity, 264 and also some performance since the control stream is exposed to 265 head-of-line blocking. 267 In this document a different design is deliberately explored, in 268 which there is no control stream. Clients and servers can initiate 269 queries as determined by the DNS application logic, opening new 270 streams as necessary. This provides for maximum parallelism between 271 queries, as noted in Section 4.3. It also places constraints on the 272 API. Client and servers will have to be notified of the opening of a 273 new stream by their peer. Instead of orderly closing the control 274 stream, client and server will have to use orderly connection closure 275 mechanisms and manage the potential loss of data if closing on one 276 end conflicts with opening of a stream on the other end. 278 QUESTION: The server originated PUSH requests are expected to be 279 delivered in order. Is it possible to guarantee this order without a 280 control stream? 282 4.5. No Specific Middlebox Bypass Mechanism 284 Being different from HTTP over QUIC is a design choice. The 285 advantage is that the mapping can be defined for minimal overhead and 286 maximum performance. The downside is that the difference can be 287 noted by firewalls and middleboxes. There may be environments in 288 which HTTP over QUIC will be allowed, but DNS over QUIC will be 289 disallowed and blocked by these middle boxes. 291 It is recognized that this might be a problem, but there is currently 292 no indication on how widespread that problem might be. It might be 293 that the problem will be so acute that the only realistic solution 294 would be to communicate with independent recursive resolvers using 295 DNS over HTTPS, or maybe DNS over HTTP over QUIC. Or it might be 296 that the problem is rare enough and the performance gains significant 297 enough that the correct solution is to use DNS over QUIC most of the 298 time, and to fall back on DNS over HTTPS some of the time. 299 Measurements and experimentations will inform that decision. In 300 between, we believe that a clean design is most likely to inform the 301 QUIC development, as explained in Section 4.4. 303 5. Specifications 305 5.1. Connection Establishment 307 DNS/QUIC connections are established as described in 308 [I-D.ietf-quic-transport]. During connection establishment, DNS/QUIC 309 support is indicated by selecting the ALPN token "dq" in the crypto 310 handshake. 312 5.1.1. Draft Version Identification 314 *RFC Editor's Note:* Please remove this section prior to publication 315 of a final version of this document. 317 Only implementations of the final, published RFC can identify 318 themselves as "dq". Until such an RFC exists, implementations MUST 319 NOT identify themselves using this string. 321 Implementations of draft versions of the protocol MUST add the string 322 "-" and the corresponding draft number to the identifier. For 323 example, draft-huitema-quic-dnsoquic-001 is identified using the 324 string "dq-h01". 326 5.1.2. Port Selection 328 By default, a DNS server that supports DNS/QUIC MUST listen for and 329 accept QUIC connections on the dedicated UDP port TBD (number to be 330 defined in Section 9, unless it has mutual agreement with its clients 331 to use a port other than TBD for DNS over QUIC. In order to use a 332 port other than TBD, both clients and servers would need a 333 configuration option in their software. 335 By default, a DNS client desiring to use DNS over QUIC with a 336 particular server MUST establish a QUIC connection to UDP port TBD on 337 the server, unless it has mutual agreement with its server to use a 338 port other than port TBD for DNS over QUIC. Such another port MUST 339 NOT be port 53 or port 853. This recommendation against use of port 340 53 for DNS over QUIC is to avoid confusion between DNS over QUIC and 341 DNS over UDP as specified in [RFC1035]. Similarly, using port 853 342 would cause confusion between DNS over QUIC and DNS over DTLS as 343 specified in [RFC8094]. 345 5.2. Stream Mapping and Usage 347 The mapping of DNS traffic over QUIC streams takes advantage of the 348 QUIC stream features detailed in Section 10 of 349 [I-D.ietf-quic-transport]. 351 The stub to resolver DNS traffic follows a simple pattern in which 352 the client sends a query, and the server provides a response. This 353 design specifies that for each subsequent query on a QUIC connection 354 the client MUST select the next available client stream, in 355 conformance with Section 10.2 of [I-D.ietf-quic-transport]. 357 The client MUST send the DNS query over the selected stream, and MUST 358 indicate through the STREAM FIN mechanism that no further data will 359 be sent on that stream. 361 The server MUST send the response on the same stream, and MUST 362 indicate through the STREAM FIN mechanism that no further data will 363 be sent on that stream. 365 Therefore, a single client initiated DNS transaction consumes a 366 single stream. This means that the client's first query occurs on 367 QUIC stream 3, the second on 5, and so on. 369 DNS query and responses are formatted as specified in [RFC1035]. In 370 contrast with DNS over TCP [RFC7766] and DNS over TLS [RFC7858], 371 these messages are sent without a two bytes length field prepended. 373 5.2.1. Server Initiated Transactions 375 There are planned traffic patterns in which a server sends 376 unsolicited queries to a client, such as for example PUSH messages 377 defined in [I-D.ietf-dnssd-push]. When a server wishes to send such 378 queries it MUST select the next available server stream, in 379 conformance with Section 10.2 of [I-D.ietf-quic-transport]. 381 The server MUST send the DNS query over the selected stream, and MUST 382 indicate through the STREAM FIN mechanism that no further data will 383 be sent on that stream. 385 The client MUST send the response on the same stream, and MUST 386 indicate through the STREAM FIN mechanism that no further data will 387 be sent on that stream. 389 Therefore a single server initiated DNS transaction consumes a single 390 stream. This means that the servers's first query occurs on QUIC 391 stream 2, the second on 4, and so on. 393 5.2.2. Stream Reset 395 Stream transmission may be abandoned by either party, using the 396 stream "reset" facility. A stream reset indicates that one party is 397 unwilling to continue processing the transaction associated with the 398 stream. The corresponding transaction MUST be abandoned. A Server 399 Failure (SERVFAIL, [RFC1035]) SHOULD be notified to the initiator of 400 the transaction. 402 5.3. Closing the DNS over QUIC Connection 404 QUIC connections are closed using the CONNECTION_CLOSE mechanisms 405 specified in [I-D.ietf-quic-transport]. Connections can be closed at 406 the initiative of either the client or the server (also see 407 Section 6.6.2). The party initiating the connection closure SHOULD 408 use the QUIC GOAWAY mechanism to initiate a graceful shutdown of a 409 connection. 411 The transactions corresponding to stream number higher than indicated 412 in the GO AWAY frames MUST be considered failed. Similarly, if 413 streams are still open when the CONNECTION_CLOSE is received, the 414 corresponding transactions MUST be considered failed. In both cases, 415 a Server Failure (SERVFAIL, [RFC1035]) SHOULD be notified to the 416 initiator of the transaction. 418 5.4. Connection Resume and 0-RTT 420 A stub resolver MAY take advantage of the connection resume 421 mechanisms supported by QUIC transport [I-D.ietf-quic-transport] and 422 QUIC TLS [I-D.ietf-quic-tls]. Stub resolvers SHOULD consider 423 potential privacy issues associated with session resume before 424 deciding to use this mechanism. These privacy issues are detailed in 425 Section 8.2. 427 When resuming a session, a stub resolver MAY take advantage of the 428 0-RTT mechanism supported by QUIC. The 0-RTT mechanism MUST NOT be 429 used to send data that is not "replayable" transactions. For 430 example, a stub resolver MAY transmit a Query as 0-RTT, but MUST NOT 431 transmit an Update. 433 6. Implementation Requirements 435 6.1. Authentication 437 For the stub to recursive resolver scenario, the authentication 438 requirements are the same as described in [RFC7858] and 439 [I-D.ietf-dprive-dtls-and-tls-profiles]. There is no need to 440 authenticate the client's identity in either scenario. 442 6.2. Fall Back to Other Protocols on Connection Failure 444 If the establishment of the DNS over QUIC connection fails, clients 445 SHOULD attempt to fall back to DNS over TLS and then potentially 446 clear text, as specified in [RFC7858] and 447 [I-D.ietf-dprive-dtls-and-tls-profiles], depending on their privacy 448 profile. 450 DNS clients SHOULD remember server IP addresses that don't support 451 DNS over QUIC, including timeouts, connection refusals, and QUIC 452 handshake failures, and not request DNS over QUIC from them for a 453 reasonable period (such as one hour per server). DNS clients 454 following an out-of-band key-pinned privacy profile ([RFC7858]) MAY 455 be more aggressive about retrying DNS over QUIC connection failures. 457 6.3. Response Sizes 459 DNS over QUIC does not suffer from the limitation on the size of 460 responses that can be delivered as DNS over UDP [RFC1035] does, since 461 large responses will be sent in separate STREAM frames in separate 462 packets. 464 QUESTION: However, this raises a new issue because the responses sent 465 over QUIC can be significantly larger than those sent over TCP 466 (65,635 bytes). According to [I-D.ietf-quic-transport] "The largest 467 offset delivered on a stream - the sum of the re-constructed offset 468 and data length - MUST be less than 2^64". Should a specific limit 469 be applied for DNS over QUIC responses or not? 471 6.4. DNS Message IDs 473 QUESTION: Should we include the restrictions 'When sending multiple 474 queries over a QUIC connection, clients MUST NOT reuse the DNS 475 Message ID of an in-flight query on that connection in order to avoid 476 Message ID collisions.' 478 And similarly, for 'Clients MUST match outstanding queries using the 479 Message ID and if the response contains a question section, the 480 client MUST match the QNAME, QCLASS, and QTYPE fields.'. In other 481 words should we involve the stream ID in message matching or not? 483 6.5. Padding 485 There are mechanisms specified for both padding individual DNS 486 messages [RFC7830], [I-D.ietf-dprive-padding-policy] and padding 487 within QUIC packets (see Section 8.6 of [I-D.ietf-quic-transport]), 488 which may contain multiple frames. 490 QUESTION: What should the padding guidelines be here? 492 6.6. Connection Handling 494 [RFC7766] provides updated guidance on DNS over TCP much of which is 495 applicable to DNS over QUIC. This section attempts to specify how 496 those considerations apply to DNS over QUIC. 498 6.6.1. Connection Reuse 500 Historic implementations of DNS stub resolvers are known to open and 501 close TCP connections for each DNS query. To avoid excess QUIC 502 connections, each with a single query, clients SHOULD reuse a single 503 QUIC connection to the recursive resolver. 505 In order to achieve performance on par with UDP, DNS clients SHOULD 506 send their queries concurrently over the QUIC streams on a QUIC 507 connection. That is, when a DNS client sends multiple queries to a 508 server over a QUIC connection, it SHOULD NOT wait for an outstanding 509 reply before sending the next query. 511 6.6.2. Connection Close 513 In order to amortize QUIC and TLS connection setup costs, clients and 514 servers SHOULD NOT immediately close a QUIC connection after each 515 response. Instead, clients and servers SHOULD reuse existing QUIC 516 connections for subsequent queries as long as they have sufficient 517 resources. In some cases, this means that clients and servers may 518 need to keep idle connections open for some amount of time. 520 Under normal operation DNS clients typically initiate connection 521 closing on idle connections; however, DNS servers can close the 522 connection if the idle timeout set by local policy is exceeded. 523 Also, connections can be closed by either end under unusual 524 conditions such as defending against an attack or system failure/ 525 reboot. 527 Clients and servers that keep idle connections open MUST be robust to 528 termination of idle connection by either party. As with current DNS 529 over TCP, DNS servers MAY close the connection at any time (perhaps 530 due to resource constraints). As with current DNS over TCP, clients 531 MUST handle abrupt closes and be prepared to reestablish connections 532 and/or retry queries. 534 6.6.3. Idle Timeouts 536 Proper management of established and idle connections is important to 537 the healthy operation of a DNS server. An implementation of DNS over 538 QUIC SHOULD follow best practices for DNS over TCP, as described in 539 [RFC7766]. Failure to do so may lead to resource exhaustion and 540 denial of service. 542 This document does not make specific recommendations for timeout 543 values on idle connections. Clients and servers should reuse and/or 544 close connections depending on the level of available resources. 545 Timeouts may be longer during periods of low activity and shorter 546 during periods of high activity. Current work in this area may also 547 assist DNS over TLS clients and servers in selecting useful timeout 548 values [RFC7828] [I-D.ietf-dnsop-session-signal] [TDNS]. 550 TODO: Clarify what timers (idle timeouts, response timeouts) apply at 551 the stream level and at the connection level. 553 TODO: QUIC provides an efficient mechanism for resuming connections, 554 including the possibility of sending 0-RTT data. Does that change 555 the tradeoff? Is it plausible to use shorter timers than specified 556 for TCP? 558 7. Security Considerations 560 The security considerations of DNS over QUIC should be comparable to 561 those of DNS over TLS [RFC7858]. 563 8. Privacy Considerations 565 DNS over QUIC is specifically designed to protect the DNS traffic 566 between stub and resolver from observations by third parties, and 567 thus protect the privacy of queries from the stub. However, the 568 recursive resolver has full visibility of the stub's traffic, and 569 could be used as an observation point, as discussed in [RFC7626]. 570 These considerations do not differ between DNS over TLS and DNS over 571 QUIC and are not discussed further here. 573 QUIC incorporates the mechanisms of TLS 1.3 [I-D.ietf-tls-tls13] and 574 this enables QUIC transmission of "Zero RTT" data. This can provide 575 interesting latency gains, but it raises two concerns: 577 1. Adversaries could replay the zero-RTT data and infer its content 578 from the behavior of the receiving server. 580 2. The zero-RTT mechanism relies on TLS resume, which can provide 581 linkability between successive client sessions. 583 These issues are developed in Section 8.1 and Section 8.2. 585 8.1. Privacy Issues With 0RTT data 587 The zero-RTT data can be replayed by adversaries. That data may 588 triggers a query by a recursive resolver to an authoritative 589 resolvers. Adversaries may be able to pick a time at which the 590 recursive resolver outgoing traffic is observable, and thus find out 591 what name was queried for in the 0-RTT data. 593 This risk is in fact a subset of the general problem of observing the 594 behavior of the recursive resolver discussed in [RFC7626]. The 595 attack is partially mitigated by reducing the observability of this 596 traffic. However, the risk is amplified for 0-RTT data, because the 597 attacker might replay it at chosen times, several times. 599 The recommendation in [I-D.ietf-tls-tls13] is that the capability to 600 use 0-RTT data should be turned off by default, on only enabled if 601 the user clearly understands the associated risks. 603 QUESTION: Should 0-RTT only be used with Opportunistic profiles (i.e. 604 disabled by default for Strict only)? 606 8.2. Privacy Issues With Session Resume 608 The QUIC session resume mechanism reduces the cost of reestablishing 609 sessions and enables zero-RTT data. There is a linkability issue 610 associated with session resume, if the same resume token is used 611 several times, but this risk is mitigated by the mechanisms 612 incorporated in QUIC and in TLS 1.3. With these mechanisms, clients 613 and servers can cooperate to avoid linkability by third parties. 614 However, the server will always be able to link the resumed session 615 to the initial session. This creates a virtual long duration 616 session. The series of queries in that session can be used by the 617 server to identify the client. 619 Enabling the server to link client sessions through session resume is 620 probably not a large additional risk if the client's connectivity did 621 not change between the sessions, since the two sessions can probably 622 be correlated by comparing the IP addresses. On the other hand, if 623 the addresses did change, the client SHOULD consider whether the 624 linkability risk exceeds the privacy benefits. This evaluation will 625 obviously depend on the level of trust between stub and recursive. 627 9. IANA Considerations 629 9.1. Registration of DNS over QUIC Identification String 631 This document creates a new registration for the identification of 632 DNS over QUIC in the "Application Layer Protocol Negotiation (ALPN) 633 Protocol IDs" registry established in [RFC7301]. 635 The "dq" string identifies DNS over QUIC: 637 Protocol: DNS over QUIC 639 Identification Sequence: 0x64 0x71 ("dq") 641 Specification: This document 643 9.2. Reservation of Dedicated Port 645 IANA is required to add the following value to the "Service Name and 646 Transport Protocol Port Number Registry" in the System Range. The 647 registry for that range requires IETF Review or IESG Approval 648 [RFC6335], and such a review was requested using the early allocation 649 process [RFC7120] for the well-known UDP port in this document. 650 Since port 853 is reserved for 'DNS query-response protocol run over 651 TLS' consideration is requested for reserving port 953 for 'DNS 652 query-response 653 protocol run over QUIC'. 655 Service Name domain-s 656 Transport Protocol(s) TCP/UDP 657 Assignee IESG 658 Contact IETF Chair 659 Description DNS query-response protocol run over QUIC 660 Reference This document 662 10. Acknowledgements 664 This document liberally borrows text from [I-D.ietf-quic-http] edited 665 by Mike Bishop, and from [RFC7858] authored by Zi Hu, Liang Zhu, John 666 Heidemann, Allison Mankin, Duane Wessels, and Paul Hoffman. 668 The privacy issue with 0-RTT data and session resume were analyzed by 669 Daniel Kahn Gillmor (DKG) in a message to the IETF "DPRIV" working 670 group [DNS0RTT]. 672 Thanks to our wide cast of supporters. 674 11. References 676 11.1. Normative References 678 [I-D.ietf-dprive-dtls-and-tls-profiles] 679 Dickinson, S., Gillmor, D., and T. Reddy, "Authentication 680 and (D)TLS Profile for DNS-over-(D)TLS", draft-ietf- 681 dprive-dtls-and-tls-profiles-09 (work in progress), April 682 2017. 684 [I-D.ietf-quic-tls] 685 Thomson, M. and S. Turner, "Using Transport Layer Security 686 (TLS) to Secure QUIC", draft-ietf-quic-tls-02 (work in 687 progress), March 2017. 689 [I-D.ietf-quic-transport] 690 Iyengar, J. and M. Thomson, "QUIC: A UDP-Based Multiplexed 691 and Secure Transport", draft-ietf-quic-transport-02 (work 692 in progress), March 2017. 694 [RFC1034] Mockapetris, P., "Domain names - concepts and facilities", 695 STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987, 696 . 698 [RFC1035] Mockapetris, P., "Domain names - implementation and 699 specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, 700 November 1987, . 702 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 703 Requirement Levels", BCP 14, RFC 2119, 704 DOI 10.17487/RFC2119, March 1997, 705 . 707 [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, 708 "Transport Layer Security (TLS) Application-Layer Protocol 709 Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, 710 July 2014, . 712 11.2. Informative References 714 [DNS0RTT] Kahn Gillmor, D., "DNS + 0-RTT", Message to DNS-Privacy WG 715 mailing list, April 2016, . 718 [I-D.bortzmeyer-dprive-step-2] 719 Bortzmeyer, S., "Next step for DPRIVE: resolver-to-auth 720 link", draft-bortzmeyer-dprive-step-2-05 (work in 721 progress), December 2016. 723 [I-D.hoffman-dns-in-existing-http2] 724 Hoffman, P., "Running DNS in Existing HTTP/2 Connections", 725 draft-hoffman-dns-in-existing-http2-00 (work in progress), 726 April 2017. 728 [I-D.hoffman-dns-in-existing-quic] 729 Hoffman, P., "Running DNS in Existing QUIC Connections", 730 draft-hoffman-dns-in-existing-quic-00 (work in progress), 731 April 2017. 733 [I-D.hoffman-dns-over-http] 734 Hoffman, P. and J. Hildebrand, "DNS Queries over HTTPS", 735 draft-hoffman-dns-over-http-01 (work in progress), October 736 2016. 738 [I-D.ietf-dnsop-session-signal] 739 Bellis, R., Cheshire, S., Dickinson, J., Dickinson, S., 740 Mankin, A., and T. Pusateri, "DNS Session Signaling", 741 draft-ietf-dnsop-session-signal-02 (work in progress), 742 March 2017. 744 [I-D.ietf-dnssd-push] 745 Pusateri, T. and S. Cheshire, "DNS Push Notifications", 746 draft-ietf-dnssd-push-10 (work in progress), March 2017. 748 [I-D.ietf-dprive-padding-policy] 749 Mayrhofer, A., "Padding Policy for EDNS(0)", draft-ietf- 750 dprive-padding-policy-00 (work in progress), December 751 2016. 753 [I-D.ietf-quic-http] 754 Bishop, M., "Hypertext Transfer Protocol (HTTP) over 755 QUIC", draft-ietf-quic-http-02 (work in progress), March 756 2017. 758 [I-D.ietf-quic-recovery] 759 Iyengar, J. and I. Swett, "QUIC Loss Detection and 760 Congestion Control", draft-ietf-quic-recovery-02 (work in 761 progress), March 2017. 763 [I-D.ietf-tls-tls13] 764 Rescorla, E., "The Transport Layer Security (TLS) Protocol 765 Version 1.3", draft-ietf-tls-tls13-19 (work in progress), 766 March 2017. 768 [RFC5936] Lewis, E. and A. Hoenes, Ed., "DNS Zone Transfer Protocol 769 (AXFR)", RFC 5936, DOI 10.17487/RFC5936, June 2010, 770 . 772 [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. 773 Cheshire, "Internet Assigned Numbers Authority (IANA) 774 Procedures for the Management of the Service Name and 775 Transport Protocol Port Number Registry", BCP 165, 776 RFC 6335, DOI 10.17487/RFC6335, August 2011, 777 . 779 [RFC7120] Cotton, M., "Early IANA Allocation of Standards Track Code 780 Points", BCP 100, RFC 7120, DOI 10.17487/RFC7120, January 781 2014, . 783 [RFC7626] Bortzmeyer, S., "DNS Privacy Considerations", RFC 7626, 784 DOI 10.17487/RFC7626, August 2015, 785 . 787 [RFC7766] Dickinson, J., Dickinson, S., Bellis, R., Mankin, A., and 788 D. Wessels, "DNS Transport over TCP - Implementation 789 Requirements", RFC 7766, DOI 10.17487/RFC7766, March 2016, 790 . 792 [RFC7828] Wouters, P., Abley, J., Dickinson, S., and R. Bellis, "The 793 edns-tcp-keepalive EDNS0 Option", RFC 7828, 794 DOI 10.17487/RFC7828, April 2016, 795 . 797 [RFC7830] Mayrhofer, A., "The EDNS(0) Padding Option", RFC 7830, 798 DOI 10.17487/RFC7830, May 2016, 799 . 801 [RFC7858] Hu, Z., Zhu, L., Heidemann, J., Mankin, A., Wessels, D., 802 and P. Hoffman, "Specification for DNS over Transport 803 Layer Security (TLS)", RFC 7858, DOI 10.17487/RFC7858, May 804 2016, . 806 [RFC8094] Reddy, T., Wing, D., and P. Patil, "DNS over Datagram 807 Transport Layer Security (DTLS)", RFC 8094, 808 DOI 10.17487/RFC8094, February 2017, 809 . 811 [TDNS] Zhu, L., Hu, Z., Heidemann, J., Wessels, D., Mankin, A., 812 and N. Somaiya, "Connection-Oriented DNS to Improve 813 Privacy and Security", 2015 IEEE Symposium on Security and 814 Privacy (SP), DOI 10.1109/SP.2015.18, 815 . 817 Authors' Addresses 819 Christian Huitema 820 Private Octopus Inc. 821 Friday Harbor WA 98250 822 U.S.A 824 Email: huitema@huitema.net 826 Melinda Shore 827 Fastly 829 Email: mshore@fastly.com 831 Allison Mankin 832 Salesforce 834 Email: amankin@salesforce.com 835 Sara Dickinson 836 Sinodun IT 837 Magdalen Centre 838 Oxford Science Park 839 Oxford OX4 4GA 840 U.K. 842 Email: sara@sinodun.com 844 Jana Iyengar 845 Google 847 Email: jri@google.com