Re: [Add] My principles for discovery

Michael Richardson <mcr+ietf@sandelman.ca> Thu, 26 March 2020 20:45 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: add@ietfa.amsl.com
Delivered-To: add@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 912DD3A0DED for <add@ietfa.amsl.com>; Thu, 26 Mar 2020 13:45:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XvHN5_u73Gro for <add@ietfa.amsl.com>; Thu, 26 Mar 2020 13:45:31 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 53CFB3A0E7C for <add@ietf.org>; Thu, 26 Mar 2020 13:45:31 -0700 (PDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id F112438981; Thu, 26 Mar 2020 16:44:04 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 3C118D03; Thu, 26 Mar 2020 16:45:30 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "Martin Thomson" <mt@lowentropy.net>, add@ietf.org
In-Reply-To: <aec5404a-99eb-4aa7-9020-1e7b4f51b5ca@www.fastmail.com>
References: <aec5404a-99eb-4aa7-9020-1e7b4f51b5ca@www.fastmail.com>
X-Mailer: MH-E 8.6; nmh 1.7+dev; GNU Emacs 25.1.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature"
Date: Thu, 26 Mar 2020 16:45:30 -0400
Message-ID: <13333.1585255530@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/add/p28S-z_1Oz022YBkNhLbhNcop6I>
Subject: Re: [Add] My principles for discovery
X-BeenThere: add@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Applications Doing DNS <add.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/add>, <mailto:add-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/add/>
List-Post: <mailto:add@ietf.org>
List-Help: <mailto:add-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/add>, <mailto:add-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Mar 2020 20:45:40 -0000

Martin Thomson <mt@lowentropy.net> wrote:
    > As I raised this in the meeting, I think that it's only fair that I
    > include what I think the principles should be.

Thank you.

    > In short, I believe that any entity that you interact with should be
    > able to present their views on what resolver you should use.  Client
    > policy will then dictate which - if any - of those is used.
    > Authentication of the source of these opinions is likely a necessary
    > input for the client policy decision.

I find this a surprising suggestion.
Will I get different answers if I ask different entities the same question?
This seems to fall into MIF space, and I don't think that you mean to go there.

    > It is discussing client policy that has caused us to get into
    > unproductive discussions.  To be clear, I regard the question of
    > whether it is users or the software they choose to run that make policy
    > decisions to be firmly part of this discussion.  We might variously
    > lament the ability of software to properly reflect the wishes of users,
    > but this is not the place to debate that.

Agreed.

    > That doesn't mean that you should expect the person serving you
    > sausages at a local deli to offer an opinion on what resolver you
    > should use.  But we should look to provide ways in which entities that

Let me expand upon your scenario.

is it: "if you want mustard, you must ask at the counter"
or:    "if you ask at the counter, I'll give you (free) internet"

    > * The operating system configuration.
    > * Various "owners" or stakeholders for the endpoint, such as an employer or a government (this might not extend all the way to full control of the device MDM-style, but it might still be relevant to the client policy).
    > * Application configuration.

    > I don't personally see a lot of value in having entities other than
    > those from the first set of three stand on soapboxes to broadcast their
    > opinions about resolver choice, but there is nothing fundamentally
    > wrong with having other sources of opinions.  So while the IETF could
    > provide more protocols, it's not a good use of our time and resources
    > unless we expect that the information would be acceptable to genuine
    > client policies.

Agreed.

    > When it comes to setting policy, authentication is important.  When
    > making a decision about whether to use a particular resolver, depending
    > on the policy you have, it might be important that you know whose
    > opinion is guiding the decision.  If you want a server that doesn't
    > store logs of queries for longer than a certain time, then I'm not
    > aware of a technical mechanism for verifying that claim.

So, to be clear, there is running code for verifying the claim, and a
successful business transaction to do this.
RATS will give us open-standard was to execute the entire stack, but it can
be done in proprietary verticals today with third party auditors.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [


--
Michael Richardson <mcr+IETF@sandelman.ca>ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-