Re: [dane] I-D Action: draft-ietf-dane-smime-03.txt

Wed, 05 Feb 2014 21:45:05 -0800 

Mark Andrews writes:
> 
> In message <[email protected]>, Andrew Sullivan writes:
> > On Thu, Feb 06, 2014 at 04:31:38AM +0000, Viktor Dukhovni wrote:
> > > I must plead ignorance of the obstacle, what do you have in mind?
> > 
> > I am repeatedly informed by my man pages, RFC 3493, and every web
> > browser implementer I've ever spoken to that getting the TTL on an RR
> > coming to you from the system resolver is hard.  I'd be more delighted
> > than I can express to be misinformed, so if you know otherwise please
> > say so.
> 
> And I say BS.  If you are using a layer above the resolver
> (gethostbyname, getaddrinfo) yes it may be hard but for TLSA *there
> is no layer above the resolver*.
> 
> libresolv/libbind have provided access to the TTL since the 1980's.
> 
> Even Microsoft Windows programmers don't have a excuse as DnsQuery
> returns the ttl in its results.
> 
> http://msdn.microsoft.com/en-us/library/windows/desktop/ms682016(v=vs.85).asp
> x

And as for getaddrinfo/RFC 3493, the api was designed to be extendable.
We should just extend it to return the ttl.  Something like the following
would do.

e.g.

In <netdb.h>
struct addrinfo {
  int     ai_flags;     /* AI_PASSIVE, AI_CANONNAME,
                           AI_NUMERICHOST, .. */
  int     ai_family;    /* AF_xxx */
  int     ai_socktype;  /* SOCK_xxx */
  int     ai_protocol;  /* 0 or IPPROTO_xxx for IPv4 and IPv6 */
  socklen_t  ai_addrlen;   /* length of ai_addr */
  char   *ai_canonname; /* canonical name for nodename */
  struct sockaddr  *ai_addr; /* binary address */
  struct addrinfo  *ai_next; /* next structure in linked list */

  /* RFC XXXX */
#define AI_TTL 1
#define AI_NOTTL 0xffffffffu            /* No TTL available */
  unsigned int  ai_ttl; /* DNS TTL */
};

In the application

        unsigned int ttl;

#ifdef AI_TTL
        if (addrinfo->ai_ttl == AI_NOTTL)
                ttl = addrinfo->ai_ttl;  
        else
#else
                ttl = 0;
#endif

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: [email protected]
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane

Reply via email to