Last Call Review of draft-ietf-dprive-unilateral-probing-12
review-ietf-dprive-unilateral-probing-12-artart-lc-gondwana-2023-09-07-00
review-ietf-dprive-unilateral-probing-12-artart-lc-gondwana-2023-09-07-00
I am the ARTART reviewer for this document. Apologies for the delay in sending my review. I found it very well written and easy to follow. It's clear why this guidance is being written, and it's clear to me how to implement it. My only concern is that it does fall back very easily to cleartext, for a long damping period. As a protocol implementer myself, I would generally expect to retry something one or two more times over the course of a few minutes before giving up entirely for 24h, since the server at the other end may have just been restarting and either dropped an existing connection or rejected a SYN packet, but be ready a moment later. I'd be happy with a limit of something like 5 tries over 2 minutes (one every 30 seconds) before giving up. Thanks again for this document, and I look forward to my DNS being slightly safer in future.