[DNSOP] Re: [EXTERNAL] Re: Advice sought: DNS record type for FedCM well-known file delegation

Matthew Pounsett <matt@conundrum.com> Wed, 08 April 2026 18:37 UTC

From: Matthew Pounsett <matt@conundrum.com>
Date: Wed, 08 Apr 2026 14:37:20 -0400
To: John R Levine <johnl@ietf.email>
CC: Will Bartlett <wibartle@microsoft.com>, "dnsop@ietf.org" <dnsop@ietf.org>
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/2t70n7jLOde0yL5ENqkjK351NZE>

On Wed, Apr 8, 2026 at 2:18 PM John R Levine <johnl@ietf.email> wrote:
>
> Ah, OK.  So your user goes to another department in the company and says
> "we need the web server the company is paying you to run handle this URL
> https://foo.example/.well-known/web-identity" and they say some
> combination of "what?" and "no."

To me it sounds more like: "We need you to get our Auth Provider's
relying-party documentation, post it on our web site at this url, and
keep it up to date."

That could probably still be handled by an HTTP 307 response from
<https://foo.example/.well-known/web-identity>, but I can see the
interest in having the indirection happen elsewhere.