[Add] Draft Posting: CNAME Discovery of Local DoH Resolvers
Eric Rescorla <ekr@rtfm.com> Thu, 25 June 2020 14:06 UTC
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 25 Jun 2020 07:05:21 -0700
Message-ID: <CABcZeBPTkWeB40wpTowKvEJ-gXA3AL2e-BE+C_FC7Js7-D0DZQ@mail.gmail.com>
To: ADD Mailing list <add@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/Oe_ilCHMJyIpGjyA-UqZaIqm2AA>
Subject: [Add] Draft Posting: CNAME Discovery of Local DoH Resolvers

Hi folks,

As has been noted previously, the current Firefox DoH/TRR design bypasses the ISP resolver even if the ISP resolver supports DoH. I have just posted draft-rescorla-doh-cdisco-00, which describes a CNAME-based mechanism for discovering when a local resolver supports DoH/TRR. Firefox can then determine whether that resolver is on the TRR list and if so can use it in preference to a generic resolver.

The use of CNAME was chosen for pragmatic reasons (laid out in the draft). We're studying other designs but thought it would be a good idea to document this one.

See: https://www.ietf.org/internet-drafts/draft-rescorla-doh-cdisco-00.txt

-Ekr