[Add] questions about the Examples section of svcb-dns-02

Peter van Dijk <peter.van.dijk@powerdns.com> Wed, 07 April 2021 20:32 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/add/lkohz03rWbEDx36hDkaax5PKg34>
List-Id: Applications Doing DNS <add.ietf.org>

Hello Ben, and rest of WG,

https://tools.ietf.org/html/draft-schwartz-svcb-dns-02#section-8 has an
example RRset for a resolver, containing 3 SVCB RRs. This example is
very useful!

However, I have a few questions/comments about it:

(1) Can you reorder the bullet list to match the order in the RRset?
(i.e. put the TLS one second)

(2) I see one SVCB record (with priority 2) advertising a DoT server
(by leaving out the ALPN). It has port=8530. Yet, the text above says
there's DoT on 853 and 8530. Where does 853 come into play, if the
prio=2 SVCB record says port=8530?

(3) All three example RRs have an echconfig parameter. While I
understand it makes sense for an operator to be consistent in doing ECH
over all their offerings, it somewhat looks like everybody is expected
to do echconfig - perhaps it would be clearer to not have echconfig on
all three? Then, maybe clarify that it would in fact be better to have
it always, but say that the svcb-dns protocol does not demand it.


For (2) it's entirely possible I'm missing something - please let me
know. Thanks!

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/