IETF Logo Mail Archive

Re: [Add] My single use case

Martin Thomson <mt@lowentropy.net> Fri, 11 September 2020 02:10 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 613593A1316 for <add@ietfa.amsl.com>; Thu, 10 Sep 2020 19:10:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=H2vrURCw; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=S4yqcrcI
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JY0LKivV8mcs for <add@ietfa.amsl.com>; Thu, 10 Sep 2020 19:10:54 -0700 (PDT)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31E7A3A1314 for <add@ietf.org>; Thu, 10 Sep 2020 19:10:54 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.west.internal (Postfix) with ESMTP id 91121849; Thu, 10 Sep 2020 22:10:52 -0400 (EDT)
Received: from imap10 ([10.202.2.60]) by compute2.internal (MEProxy); Thu, 10 Sep 2020 22:10:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :cc:subject:content-type; s=fm3; bh=xpFPhBHppFC4unNmThQJNFzSW4R4 cSYBmZd84aq/pTQ=; b=H2vrURCwg+vsgRb4dBwOwK2QNpVR1ZKqnqwyh6ZVCb+N +hHdpPh+xfvSn4WX5GgjHoCwji9AtyPbkpgvzB2JCDVwLdddSsLcnhhO0yrDSnwA WU93gRnBxAP5B1zEomhS51gzIyS05vaPEfYgFqc3SjHHa9NiCWL2+N947MJx7gGV Qib2zFHkEfWKBFv7pv+qQ4VBK3ZVu4KE+4xKlNmxIhuDTpGXHiXL8d2BlvYnLdGf 9SkvSxcwhyNllWm9AZKV4chpHfzAWJ/pLtsjtUBuEf2ZtBzGK/LOFZk5C2kEAkgG FZ6pA9wWzvSlm6NNR1hWuDyQ6pGicBynhhJlKOXCPA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=xpFPhB HppFC4unNmThQJNFzSW4R4cSYBmZd84aq/pTQ=; b=S4yqcrcIpvk1x/vjrTiVWV 8yokW6gp5qTf4sW4yM6qqRz7K2zDqo+wu7dLYs9G/F5YXNqTJigEzGeSakb9Ad+f mRckdTdl9S/GksJJ85+HLFOx2OEy3qQ5GZMAr6VelsMvOTj5jPX5CKsIVumqpQ2s lBLuDTLAyVntsx9umKcO8FyE7OYS5xkU3Va1aMnUa0W2/rlEiGEvRhydSiPcZeje J0sFiy0XpGrFxwMfAWReZX8k2VHaqrXnThigcp6qjyGzL6SJeOXtChdTgi/kPH2S h9bHZ/oeLHRIR2/1DlWOtEAbTb97NnoP6o4wWmFulYRxWvMIqSQJuVE78YFhNucw ==
X-ME-Sender: <xms:q9xaXwG57vdyqecXbnSJSHFCxcY11V37LreUD6vYxBuZYkr4zmVGnQ> <xme:q9xaX5XHvb0cQjYzbjdO9IdOsQJiarQTwa-sNUnij_BU64SHwuWtKS5E98GG1omy8 drTkr6h2J29RYVvkmk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrudehkedgheeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsehttd ertderredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpeekteeuieektdekleefke evhfekffevvdevgfekgfeluefgvdejjeegffeigedtjeenucevlhhushhtvghrufhiiigv pedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmtheslhhofigvnhhtrhhophihrdhnvg ht
X-ME-Proxy: <xmx:q9xaX6Iw2nVm_1DzK_fvI4BbHPNIcy3tzou2WpA0sop6atkaXS497g> <xmx:q9xaXyGt08vH4tkjV7nwdwVqst2quhhAlw4N_XhsR69ppSeA7AOI6Q> <xmx:q9xaX2UhXGutrXy6u0G60BpUbcHS_FOHPvrABBMmJYiHnIxUXiopGQ> <xmx:rNxaXxB4uSf72QgJOrLTG4z83kilFORPn3vwaJwkd-WTU1PkL2CJcw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 9EFEC20121; Thu, 10 Sep 2020 22:10:51 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-259-g88fbbfa-fm-20200903.003-g88fbbfa3
Mime-Version: 1.0
Message-Id: <09fcf8c1-5048-4128-855c-e020ed8de0e8@www.fastmail.com>
In-Reply-To: <CACJ6M15-aG-=o_J2uVRAmSjLbO0NQ4sEGJYDMegcX7CjWMZpZw@mail.gmail.com>
References: <d4bd287a-d2ce-40cd-b635-4f74efbc77f6@www.fastmail.com> <CACJ6M15-aG-=o_J2uVRAmSjLbO0NQ4sEGJYDMegcX7CjWMZpZw@mail.gmail.com>
Date: Fri, 11 Sep 2020 12:10:33 +1000
From: Martin Thomson <mt@lowentropy.net>
To: "Chris Box (BT)" <chris.box.ietf@gmail.com>
Cc: ADD Mailing list <add@ietf.org>
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/3j2xBKSMMUWAoGvT4EDGol1NdXo>
Subject: Re: [Add] My single use case
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Sep 2020 02:10:55 -0000

On Fri, Sep 11, 2020, at 01:31, Chris Box (BT) wrote:
> Hi Martin,
> 
> Appreciate you may not be able to answer this until tomorrow but I'd 
> like to map your statement to sections of the draft.
> 
> I think this case is a simpler version of section 3.1 (both 3.1.1 and 
> 3.1.2). I presume you are excluding VPNs (3.3) here, since they are 
> networks in which you have a prior relationship.

Yes, that excludes VPNs and authenticated configuration channels.  It also excludes the "alternatives" thing the draft currently describes in Section 3.

I should have said that this was the thing I want to do *first*.  I think that we'll learn a few things from doing this that will help with those other cases.  I also don't expect people to forget the secondary use cases that they care about and to use those to exert pressure on the design where we are not already fully constrained (that is, if we have to choose between two options where one might be advantageous to a different use case, that is a good way to break a tie).
 
> Personally I would say part of "the matrix" of this use case should 
> involve section 4.1's learning about the scope of names that are 
> relevant.

I don't want to include that in the first version.  My thinking is that this sort of "scoping" is something that can be layered on.

When you join a network, you need a DNS server.  That's fairly simple.  The scoping you talk about is really only necessary if you are really joining two or more networks.  So this reduces to a problem that the provisioning domains and multiple interfaces work already deals with to some extent.  

Dealing with the idea of scoping at that conceptual level is probably more fruitful as it allows our solutions to be simpler (we don't have to muddy the process of choosing to use DoT/DoH with complex questions about whether a resolver is suitable based on what scopes it serves, etc..).  It also allows the overall system to be more robust because we can build fewer, more specific, and more principled scoping mechanisms, as I believe PvDs are intended to be.

I haven't had enough sleep, so that might not be coherent.

v2.23.0 | Report a Bug | By Email