Re: [Add] [Ext] new draft: draft-grover-add-policy-detection-00

Paul Hoffman <paul.hoffman@icann.org> Wed, 17 July 2019 23:44 UTC

From: Paul Hoffman <paul.hoffman@icann.org>
To: Tommy Jensen <Jensen.Thomas=40microsoft.com@dmarc.ietf.org>
CC: "add@ietf.org" <add@ietf.org>
Date: Wed, 17 Jul 2019 23:44:03 +0000
Message-ID: <C772DFC6-0DED-44C6-862E-FC8591341AD6@icann.org>
References: <156260800560.777.13636536980052967232.idtracker@ietfa.amsl.com> <65f155e9-81c7-daac-8e77-e366d0f924fb@pmtu.dev> <D7C1C0E7-584D-45CC-8B40-FFA9A8AB810D@fl1ger.de> <MN2PR21MB1213C09DAD5D71E7B0722481FAC90@MN2PR21MB1213.namprd21.prod.outlook.com>
In-Reply-To: <MN2PR21MB1213C09DAD5D71E7B0722481FAC90@MN2PR21MB1213.namprd21.prod.outlook.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/PEllW_PNcWxlIrqcC-l0S3sV8p4>
Subject: Re: [Add] [Ext] new draft: draft-grover-add-policy-detection-00

On Jul 17, 2019, at 4:33 PM, Tommy Jensen <Jensen.Thomas=40microsoft.com@dmarc.ietf.org> wrote:
> 
> I appreciate the intent behind this draft to allow DNS-capable apps to detect if configured DNS resolvers need to be deferred to. However, I agree with Ralf that NXDOMAIN is the wrong way to signal that.
> 
> What about defining a new TXT record format to signal the presence of policies? This has the benefits of 1) not overloading the interpretation of whether the domain exists or not as well as 2) giving room for future flexibility beyond the binary "resolver (does|does not) have DNS policies in place you shouldn't bypass" signal.

Please see <https://datatracker.ietf.org/doc/draft-sah-resolver-information/> for a proposal that is being discussed in the DNSOP WG. It proposes a message format (JSON) and two transports (DNS and HTTPS) that can be used by a resolver for lots of things, including the policy ideas in the draft that this thread is about.

Discussion of draft-sah-resolver-information should be on the DNSOP list. There will be a slot in the meeting next week to discuss it.

--Paul Hoffman
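The two signalling options compared in this exchange, shown on the wire as an added illustration that is not part of the thread, of draft-grover-add-policy-detection, or of draft-sah-resolver-information. The probe name `policy.resolver.example.`, the `policy=`/`contact=` TXT keys and all message bytes are constructed for this example; the DNS wire encoding itself follows RFC 1035.

```python
"""Existence-based (NXDOMAIN) signal versus an explicit TXT-record signal.

Everything below is constructed for illustration: the probe name, the
key=value TXT vocabulary and the responses are hypothetical, not taken
from either draft discussed in the thread."""
import struct

PROBE_NAME = "policy.resolver.example."   # hypothetical probe name
RCODE_NOERROR, RCODE_NXDOMAIN = 0, 3
TYPE_TXT, CLASS_IN = 16, 1


def encode_name(name):
    """Encode a dotted name as RFC 1035 labels (no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += struct.pack("B", len(label)) + label.encode("ascii")
    return out + b"\x00"


def build_response(qname, rcode, txt_strings=()):
    """Build a minimal DNS response: QR=1, one TXT question, optional TXT answer."""
    flags = 0x8000 | rcode                      # QR bit plus RCODE in the low nibble
    ancount = 1 if txt_strings else 0
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, 0, 0)
    question = encode_name(qname) + struct.pack("!HH", TYPE_TXT, CLASS_IN)
    answer = b""
    if txt_strings:
        rdata = b"".join(struct.pack("B", len(s)) + s.encode("ascii")
                         for s in txt_strings)
        answer = (encode_name(qname)
                  + struct.pack("!HHIH", TYPE_TXT, CLASS_IN, 300, len(rdata))
                  + rdata)
    return header + question + answer


def parse_name(msg, off):
    """Decode a name at offset `off`, following compression pointers."""
    labels = []
    while True:
        ln = msg[off]
        if ln == 0:
            return ".".join(labels) + ".", off + 1
        if ln & 0xC0 == 0xC0:                   # compression pointer
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            tail, _ = parse_name(msg, ptr)
            return ".".join(labels + [tail.rstrip(".")]) + ".", off + 2
        labels.append(msg[off + 1:off + 1 + ln].decode("ascii"))
        off += 1 + ln


def parse_response(msg):
    """Return (rcode, list of TXT strings found in the answer section)."""
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    off = 12
    for _ in range(qdcount):
        _, off = parse_name(msg, off)
        off += 4                                # QTYPE + QCLASS
    txts = []
    for _ in range(ancount):
        _, off = parse_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == TYPE_TXT:                   # RDATA is a sequence of <len><chars>
            p = 0
            while p < len(rdata):
                ln = rdata[p]
                txts.append(rdata[p + 1:p + 1 + ln].decode("ascii"))
                p += 1 + ln
    return rcode, txts


def existence_signal(msg):
    """NXDOMAIN-style signal: one bit, derived only from whether the probe
    name exists. It cannot be distinguished from a resolver that simply
    has never heard of the probe name, and carries no further detail."""
    rcode, _ = parse_response(msg)
    return rcode != RCODE_NXDOMAIN


def txt_signal(msg):
    """TXT-style signal (hypothetical key=value format): absence of the
    record is 'no signal', distinct from whatever the keys state."""
    rcode, txts = parse_response(msg)
    if rcode == RCODE_NXDOMAIN or not txts:
        return {"signal": "absent"}
    kv = dict(s.split("=", 1) for s in txts if "=" in s)
    return {"signal": "present", **kv}
```

Compare the two on the same responses: an NXDOMAIN answer yields `False` from `existence_signal` and `{"signal": "absent"}` from `txt_signal`, while a NOERROR answer with no records still counts as "exists" for the one-bit scheme but as "absent" for the TXT scheme, which is exactly the ambiguity the TXT proposal avoids; the TXT scheme also returns the extra keys the one-bit scheme cannot express.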