Re: [dns-privacy] Demultiplexing HTTP and DNS on the same listener [New Version Notification for draft-dkg-dprive-demux-dns-http-02]

Joe Touch <touch@isi.edu> Wed, 03 May 2017 18:36 UTC

To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, HTTP Working Group <ietf-http-wg@w3.org>
Cc: DNS Privacy Working Group <dns-privacy@ietf.org>
References: <87tw51remp.fsf@fifthhorseman.net>
From: Joe Touch <touch@isi.edu>
Message-ID: <0a2e075d-59fc-1e0d-d745-31f5608a525c@isi.edu>
Date: Wed, 03 May 2017 11:33:38 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/dns-privacy/O4SKeVwq_Z1KJzXpu9KSxG7GE8I>
Subject: Re: [dns-privacy] Demultiplexing HTTP and DNS on the same listener [New Version Notification for draft-dkg-dprive-demux-dns-http-02]

Hi, all,

FWIW...speaking from the experience I have leading the IANA ports expert
review team and developing BCP165 (RFCs 6335 and RFC7605):

On 5/3/2017 11:15 AM, Daniel Kahn Gillmor wrote:
> And Joe Touch pointed out that the draft should explicitly update the
> HTTP as well as DNS specifications, so I've marked the latest revision
> of the draft that way.  If you think that's OK (or if you think it's
> unnecessary), please let me know!
>
> Assumptions about HTTP
> ----------------------
I would characterize this as redefining ports 80 and 443 to include DNS
as part of the HTTP specification.

That has some very important ramifications, indicated here as
"assumptions", that limit the future development of HTTP (notably
reserving certain prefixes and patterns to differentiate DNS requests
from HTTP). That could constrain all current and future uses of ports 80
and 443, and could potentially affect any other service that uses HTTP
as a framing layer.

Joe