Re: [Add] My principles for discovery
Michael Richardson <mcr+ietf@sandelman.ca> Thu, 26 March 2020 20:45 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 912DD3A0DED for <add@ietfa.amsl.com>; Thu, 26 Mar 2020 13:45:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XvHN5_u73Gro for <add@ietfa.amsl.com>; Thu, 26 Mar 2020 13:45:31 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53CFB3A0E7C for <add@ietf.org>; Thu, 26 Mar 2020 13:45:31 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id F112438981; Thu, 26 Mar 2020 16:44:04 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 3C118D03; Thu, 26 Mar 2020 16:45:30 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Martin Thomson <mt@lowentropy.net>, add@ietf.org
In-Reply-To: <aec5404a-99eb-4aa7-9020-1e7b4f51b5ca@www.fastmail.com>
References: <aec5404a-99eb-4aa7-9020-1e7b4f51b5ca@www.fastmail.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 25.1.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Thu, 26 Mar 2020 16:45:30 -0400
Message-ID: <13333.1585255530@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/p28S-z_1Oz022YBkNhLbhNcop6I>
Subject: Re: [Add] My principles for discovery
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Mar 2020 20:45:40 -0000
Martin Thomson <mt@lowentropy.net> wrote: > As I raised this in the meeting, I think that it's only fair that I > include what I think the principles should be. Thank you. > In short, I believe that any entity that you interact with should be > able to present their views on what resolver you should use. Client > policy will then dictate which - if any - of those is used. > Authentication of the source of these opinions is likely a necessary > input for the client policy decision. I find this a surprising suggestion. Will I get different answers if I ask different entities the same question? This seems to fall into MIF space, and I don't think that you mean to go there. > It is discussing client policy that has caused us to get into > unproductive discussions. To be clear, I regard the question of > whether it is users or the software they choose to run that make policy > decisions to be firmly part of this discussion. We might variously > lament the ability of software to properly reflect the wishes of users, > but this is not the place to debate that. Agreed. > That doesn't mean that you should expect the person serving you > sausages at a local deli to offer an opinion on what resolver you > should use. But we should look to provide ways in which entities that Let me expand upon your scenario. is it: "if you want mustard, you must ask at the counter" or: "if you ask at the counter, I'll give you (free) internet" > * The operating system configuration. > * Various "owners" or stakeholders for the endpoint, such as an employer or a government (this might not extend all the way to full control of the device MDM-style, but it might still be relevant to the client policy). > * Application configuration. > I don't personally see a lot of value in having entities other than > those from the first set of three stand on soapboxes to broadcast their > opinions about resolver choice, but there is nothing fundamentally > wrong with having other sources of opinions. So while the IETF could > provide more protocols, it's not a good use of our time and resources > unless we expect that the information would be acceptable to genuine > client policies. Agreed. > When it comes to setting policy, authentication is important. When > making a decision about whether to use a particular resolver, depending > on the policy you have, it might be important that you know whose > opinion is guiding the decision. If you want a server that doesn't > store logs of queries for longer than a certain time, then I'm not > aware of a technical mechanism for verifying that claim. So, to be clear, there is running code for verifying the claim, and a successful business transaction to do this. RATS will give us open-standard was to execute the entire stack, but it can be done in proprietary verticals today with third party auditors. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [ -- Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
- [Add] My principles for discovery Martin Thomson
- Re: [Add] My principles for discovery Vittorio Bertola
- Re: [Add] My principles for discovery Ben Schwartz
- Re: [Add] My principles for discovery Patrick McManus
- Re: [Add] My principles for discovery Tommy Pauly
- Re: [Add] My principles for discovery John Levine
- Re: [Add] My principles for discovery Michael Richardson
- Re: [Add] My principles for discovery Michael Richardson
- Re: [Add] My principles for discovery Daniel Migault
- Re: [Add] My principles for discovery Martin Thomson
- Re: [Add] My principles for discovery Martin Thomson
- Re: [Add] My principles for discovery Ralf Weber
- Re: [Add] My principles for discovery Vittorio Bertola