Skip Menu |

This queue is for tickets about the Net-DNS CPAN distribution.

Report information
The Basics
Id: 33963
Status: resolved
Priority: 0/
Queue: Net-DNS
People
Owner: Nobody in particular
Requestors: blblack [...] gmail.com
Cc:
AdminCc:
Bug Information
Severity: Normal
Broken in: 0.63
Fixed in: (no value)

History Show all quoted text
  Mon Mar 10 13:04:59 2008 blblack [...] gmail.com - Ticket created
Subject: name suffix compression is case-sensitive
In Net::DNS::Packet::dn_comp(), the comparison for finding compression matches is case-sensitive. The result does not violate the RFCs, but it does differ from the behavior of BIND which is regrettably the standard reference implementation. BIND would compare the suffixes insensitively for compression, which results in any odd/mixed case in the question section propagating into the answer/auth/additional sections if compression of those parts is possible. BIND's behavior is uglier to me, but it also shaves a few extra bytes off in these cases. I'm undecided personally on whether the existing behavior or BIND's behavior is "better" in the overall, but I thought I'd at least make you aware in case you wanted to emulate BIND's behavior here, on the off chance it makes some kind of difference inter-operating with case-broken caches or resolvers that expect it.
  Wed Mar 12 11:10:16 2008 rwfranks [...] acm.org - Correspondence added
From: rwfranks [...] acm.org
RFC4343 seems to be the the most recent word on this topic. 4.1 (DNS Output Case Preservation) seems to support your view about case-insensitive matching for name compression, although without stating any reasons for doing so. 4.2 (DNS Input Case Preservation) is even less helpful and leaves implementations free to do their own thing. The present Net::DNS implementation takes a thoroughly pragmatic view by performing case-sensitive name compression. This ensures that any obligation to preserve case can be met in full, and any case folding is entirely the responsibility of the nameservers. The only penalty is a small loss of compression efficiency. Name compression is not mandatory, therefore efficiency can not be the deciding factor. Adopting case-insensitive matching would introduce the possibility that case information can be lost within the resolver itself, which is entirely unnecessary. Sitting on the fence is probably the realistic option right now. --Dick
  Wed Mar 12 11:10:18 2008 The RT System itself - Status changed from 'new' to 'open'
  Thu Aug 28 08:09:32 2008 OLAF [...] cpan.org - Correspondence added
On Wed Mar 12 11:10:16 2008, rwfranks@acm.org wrote: Show quoted text
> > RFC4343 seems to be the the most recent word on this topic. > > 4.1 (DNS Output Case Preservation) seems to support your view about > case-insensitive matching for name compression, although without stating > any reasons for doing so. > > 4.2 (DNS Input Case Preservation) is even less helpful and leaves > implementations free to do their own thing. > > > The present Net::DNS implementation takes a thoroughly pragmatic view by > performing case-sensitive name compression. This ensures that any > obligation to preserve case can be met in full, and any case folding is > entirely the responsibility of the nameservers. > > The only penalty is a small loss of compression efficiency. Name > compression is not mandatory, therefore efficiency can not be the > deciding factor. > > Adopting case-insensitive matching would introduce the possibility that > case information can be lost within the resolver itself, which is > entirely unnecessary. > > Sitting on the fence is probably the realistic option right now. >
To add... preserving case fits into the general approach of being conservative in what you do to the network while being liberal in what you accept from it. Also, in the context of trying to increase entropy in answer-response in order to cope with cache poisoning there is an example that is critically dependent on case preservation in the question section: http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20 For Net::DNS this is not so relevant as dnames would be compressed against the first occurrence of a set of labels (which is in the question section most likely). But there is nothing in the standard that prohibits forward pointing compression pointers. In other words, I'm grateful for the heads up, but I support Dick's assessment. No further action, closing ticket. --Olaf
  Thu Aug 28 08:09:35 2008 OLAF [...] cpan.org - Correspondence added
On Wed Mar 12 11:10:16 2008, rwfranks@acm.org wrote: Show quoted text
> > RFC4343 seems to be the the most recent word on this topic. > > 4.1 (DNS Output Case Preservation) seems to support your view about > case-insensitive matching for name compression, although without stating > any reasons for doing so. > > 4.2 (DNS Input Case Preservation) is even less helpful and leaves > implementations free to do their own thing. > > > The present Net::DNS implementation takes a thoroughly pragmatic view by > performing case-sensitive name compression. This ensures that any > obligation to preserve case can be met in full, and any case folding is > entirely the responsibility of the nameservers. > > The only penalty is a small loss of compression efficiency. Name > compression is not mandatory, therefore efficiency can not be the > deciding factor. > > Adopting case-insensitive matching would introduce the possibility that > case information can be lost within the resolver itself, which is > entirely unnecessary. > > Sitting on the fence is probably the realistic option right now. >
To add... preserving case fits into the general approach of being conservative in what you do to the network while being liberal in what you accept from it. Also, in the context of trying to increase entropy in answer-response in order to cope with cache poisoning there is an example that is critically dependent on case preservation in the question section: http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20 For Net::DNS this is not so relevant as dnames would be compressed against the first occurrence of a set of labels (which is in the question section most likely). But there is nothing in the standard that prohibits forward pointing compression pointers. In other words, I'm grateful for the heads up, but I support Dick's assessment. No further action, closing ticket. --Olaf
  Tue Dec 16 15:38:49 2008 OLAF [...] cpan.org - Status changed from 'open' to 'resolved'