IETF Logo Mail Archive

Re: [DNSOP] Minimum viable ANAME

Dan York <york@isoc.org> Fri, 21 September 2018 13:12 UTC

Return-Path: <york@isoc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B6A38130E7B for <dnsop@ietfa.amsl.com>; Fri, 21 Sep 2018 06:12:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isoc.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p0_FvJ685EqO for <dnsop@ietfa.amsl.com>; Fri, 21 Sep 2018 06:12:18 -0700 (PDT)
Received: from NAM03-BY2-obe.outbound.protection.outlook.com (mail-by2nam03on0044.outbound.protection.outlook.com [104.47.42.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6CC45130E76 for <dnsop@ietf.org>; Fri, 21 Sep 2018 06:12:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isoc.org; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mwgBe8sBY/Ux2vFGGW72gPBcL1Mp54ec+QyAEXN6rIM=; b=JHGn3JeE6eAolJ7V5Pjpd4izlbd8153pejY9B+Bkx0400Atg+kL5swtny8c+f76oFcn+C32Hlu8izTGuX+TkjBVhCIjepq5HeolcBuGC7dKtOa1hY5FsQogvXC9AJipFwvkSIQGlzlVInz7BCLPh+8CcdS0GRy8w0jb9Kcu1ZK0=
Received: from BN3PR0601MB1314.namprd06.prod.outlook.com (10.161.210.139) by BN3PR0601MB1299.namprd06.prod.outlook.com (10.161.209.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1143.18; Fri, 21 Sep 2018 13:12:17 +0000
Received: from BN3PR0601MB1314.namprd06.prod.outlook.com ([fe80::48ef:b4c8:7b24:247a]) by BN3PR0601MB1314.namprd06.prod.outlook.com ([fe80::48ef:b4c8:7b24:247a%9]) with mapi id 15.20.1143.017; Fri, 21 Sep 2018 13:12:17 +0000
From: Dan York <york@isoc.org>
To: Mukund Sivaraman <muks@mukund.org>
CC: Tony Finch <dot@dotat.at>, "dnsop@ietf.org WG" <dnsop@ietf.org>, John R Levine <johnl@taugh.com>
Thread-Topic: [DNSOP] Minimum viable ANAME
Thread-Index: AQHUUCCNhr8K/vb1KUWcR5OtIkNAF6T4ClqAgAAPS4CAAJhDgIACB0WA
Date: Fri, 21 Sep 2018 13:12:16 +0000
Message-ID: <E944887D-51ED-41A0-AC5A-3076743620D8@isoc.org>
References: <20180919201401.8E0C220051382A@ary.qy> <08C8A740-D09B-4577-AF2A-79225EDB526B@dotat.at> <20180920061343.GA754@jurassic>
In-Reply-To: <20180920061343.GA754@jurassic>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=york@isoc.org;
x-originating-ip: [73.38.163.131]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN3PR0601MB1299; 6:HKoBbRE9c7EZRmbRQD3OjXGFN3dE5D02iaGZ69AFU2z1TPZRolT2YaLiEVhE5JfDzx0sMoPS2Ze9KRgiZTk8T/OfsNUIDKFDZKcGHh+dvInEDCl2Q8H3/TTHZ2g2IE0aJ328fLHJ4GVKJRJ1XOnJFsc2S9IsesRUuRJDJ9z41qmwAhGU0vV8lL/x4AL16clF/JOR++Lw8v0+QbeZxpdKZxPrWZhmIpKbrfH8TO2I7pAagk7PCNLZzGR9kXmxcLCzFANyBbyGDEh/uvZfkg11gZpx6A3OXm3NQObJfT0EDZigvD9yK6KypO08/GswmlkyT5XVJDsW9yLxYN/XJNjTJxAEnTRMFydXk4Ac0zJZJZ2mkGXRU/BOK0GqNc/vyDfkYQgr4VkNduMuZwxyoGpPFhzCHvtL9+mYVurhHeyo7K7xywSYDWYPdDnOSRblfPXT0bNek/3arfDJOMdNk3JVbA==; 5:cjnWz0w41h/JdVYCwbck9W82QMoarNHywqwXZn3QlN+E/kyb3xDMBuK/PltPucdMjWzSSdnuX6do8UmtLgwXj1TDKPYDdY0S3UndFQ+loQ+taFCPQzwtbWKWzkNky4VWPkKZfGHLMSjkXpxY2XljNL/XIXkF/68WVnRUoMfSzGI=; 7:jC//AhhpsWsVdeK1NauCankm9obFuywgq1qrxhhgySBWEeDwUgg92IX46K84Ccx+/AioA6VuDOy+rdrrl7CcXpZ8n5q0nUgFPz8eXIIQ5HxhnTz2TnOqO1fAxFRvgeK14V0YLWl/Hrxmij17PAOtNxEQY4aUGoyMgMiZPD8yUUhl0nakg/j/iwT8HY2cYWzlaMfy4k7Baz6e8jPai3jWo4dBeQHVDCSdXvSyRUSEAdCaYrdOSdch+R2dvnc9pcqE
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 3bf33f9c-3bc8-4f3e-759b-08d61fc3dadb
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534165)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(2017052603328)(7153060)(7193020); SRVR:BN3PR0601MB1299;
x-ms-traffictypediagnostic: BN3PR0601MB1299:
x-microsoft-antispam-prvs: <BN3PR0601MB129911305A8CD5A7E35A355FB7120@BN3PR0601MB1299.namprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(269456686620040)(31418570063057);
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(3231355)(944501410)(52105095)(149027)(150027)(6041310)(20161123558120)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(201708071742011)(7699051); SRVR:BN3PR0601MB1299; BCL:0; PCL:0; RULEID:; SRVR:BN3PR0601MB1299;
x-forefront-prvs: 0802ADD973
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(366004)(346002)(136003)(376002)(39840400004)(396003)(199004)(189003)(2906002)(6916009)(966005)(6486002)(53546011)(2616005)(99286004)(53936002)(6506007)(11346002)(446003)(478600001)(83716003)(36756003)(2900100001)(186003)(26005)(54906003)(66066001)(76176011)(256004)(71200400001)(71190400001)(486006)(25786009)(5250100002)(476003)(86362001)(6116002)(236005)(3846002)(81166006)(81156014)(54896002)(6306002)(68736007)(8936002)(4326008)(606006)(229853002)(316002)(33656002)(7736002)(97736004)(102836004)(14454004)(82746002)(6512007)(105586002)(106356001)(8676002)(6246003)(6436002)(5660300001)(53376002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN3PR0601MB1299; H:BN3PR0601MB1314.namprd06.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: isoc.org does not designate permitted sender hosts)
x-microsoft-antispam-message-info: lX8E0ZALM1EuZofWd5a3Nq1ivQXs8H2OrDxLfZwG49PiLjF2rPO6h1L8nia/vSQaTWirSmNPIW38F6xOjpFrYPdZON/bEzGugzG0sRxEyj19s8gZ654DMG58yelbhqY4cvVsuJsJp6/wTD4A/ys8DV0QlumQBfJre4rwgZF7VndftAenED5dnEa+6zfg7bRcF3vlIZYnO4MHYvy68AWjBy6KJyvczek6owYUmSMOcgqolww/xLkAEsRxqzk+I+kK9MzsH+zR7oZs3hHuseXkQ+YKXzZjJsv68uUZj1pf3748hrazXNNs9Ohc2AsnnSirnbg4ZrEgmF4Riv6YZvbVfUzVvRZtjgIp0ancW3LgF3E=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_E944887D51ED41A0AC5A3076743620D8isocorg_"
MIME-Version: 1.0
X-OriginatorOrg: isoc.org
X-MS-Exchange-CrossTenant-Network-Message-Id: 3bf33f9c-3bc8-4f3e-759b-08d61fc3dadb
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Sep 2018 13:12:16.9452 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN3PR0601MB1299
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/1RA56Ty2STuzlRbNqc8GSdmCYAQ>
Subject: Re: [DNSOP] Minimum viable ANAME
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Sep 2018 13:12:21 -0000


On Sep 20, 2018, at 2:13 AM, Mukund Sivaraman <muks@mukund.org<mailto:muks@mukund.org>> wrote:

SRV is most elegant. IMO we should push the resolver-side CNAME handling
change through so one day in the future it is available widely.

+1

I do think this is a path we need to go.  We need *something* like CNAME at the apex.  Either CNAME itself or something that works in the same way but might have a different name.

Otherwise, those of us out there publishing sites using CDNs but wanting to use an apex domain name are stuck using whatever proprietary options DNS operator X is offering us… which will be different from DNS operators Y and Z.  This locks us in to a specific DNS operator.  (Who may or may not also be the CDN operator.)

Given the long deployment timeline, I do think we need to start on this sooner.  I’m glad to help.

My 2 cents,
Dan


--
Dan York
Director, Content & Web Strategy, Internet Society
york@isoc.org<mailto:york@isoc.org>   +1-802-735-1624
Jabber: york@jabber.isoc.org<mailto:york@jabber.isoc.org>  Skype: danyork   http://twitter.com/danyork

http://www.internetsociety.org/

v2.23.0 | Report a Bug | By Email