Re: [DNSOP] [Doh] (dhc discovery) New I-D: draft-reid-doh-operator

"Normen B. Kowalewski" <nbkowalewski@gmx.net> Fri, 22 March 2019 15:37 UTC

From: "Normen B. Kowalewski" <nbkowalewski@gmx.net>
To: dnsop@ietf.org, Jacques.Latour@cira.ca
Cc: 'John Levine' <johnl@taugh.com>
References: <428d5ff2b5704cdf956a5919e330e4dc@cira.ca> <20190321225024.CC08320105BB28@ary.qy>
In-Reply-To: <20190321225024.CC08320105BB28@ary.qy>
Date: Fri, 22 Mar 2019 16:37:15 +0100
Message-ID: <B8B04E766EAE4A8EB5C8CE2E63C62295@T1650>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/5cgxrnD2JVuM8jGPZnZv5XTZj8E>
Subject: Re: [DNSOP] [Doh] (dhc discovery) New I-D: draft-reid-doh-operator

Hi Jacques, et al.

Tom Pusateri can probably say something on his now expired
https://www.ietf.org/archive/id/draft-pusateri-dhc-dns-driu-00.txt.  

The git commentary at
https://github.com/pusateri/draft-tpwt-dhc-dns-discovery says:

    Ted Lemon made a good argument that DHCP should only be used for
    bootstrapping initial network parameters and not for full fledged
    configuration of all network parameters.

    There was enough consensus that we feel that moving forward with this
    work would go against the wishes of the IETF community.

    There still is a need for configuring the ADN in a campus environment
    where all of the servers are controlled by the network administrator
    but a different proposal will need to be invented.

I wonder if ALL (including the original) DNS discovery options fall into
that area or not, and if that possibly changed over time, but likely there
was a debate that already explored the topic in dhc.

BR, 

Normen 

-----Original Message-----
From: DNSOP [mailto:dnsop-bounces@ietf.org] On Behalf Of John Levine
Sent: Thursday, 21 March 2019 23:50
To: dnsop@ietf.org
Cc: Jacques.Latour@cira.ca
Subject: Re: [DNSOP] [Doh] New I-D: draft-reid-doh-operator

In article <428d5ff2b5704cdf956a5919e330e4dc@cira.ca> you write:
>Plus! 
>Is anyone looking at adding DoH and DoT servers as part of DHCP/SLAAC?

I believe that for DoT, the idea is that the client just probes the DNS
server address on port 853 and uses it if it gets an answer.  I suppose you
could try the same thing on port 443 but that seems riskier.

R's,
John
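
The port 853 probe described in the quoted message, as an added Python example that is not part of the thread or of any draft: it sends one length-prefixed DNS query over TLS to the resolver address and reports whether a DNS response came back. The query name `example.com`, the function names and the timeout are assumptions; certificate verification is off, so a successful probe shows that something speaks DoT at that address, not who operates it.

```python
import socket
import ssl
import struct

def build_query(name="example.com", qid=0x1234):
    """Minimal DNS A/IN query in RFC 1035 wire format, RD bit set."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def frame(msg):
    """DNS over TCP/TLS prefixes each message with a 2-byte length."""
    return struct.pack("!H", len(msg)) + msg

def is_response(msg, qid):
    """True if msg has a full DNS header, our query ID and the QR bit set."""
    if len(msg) < 12:
        return False
    rid, flags = struct.unpack("!HH", msg[:4])
    return rid == qid and bool(flags & 0x8000)

def recv_exact(sock, n):
    """Read exactly n bytes; a TLS record may deliver fewer per recv()."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before a full message arrived")
        buf += chunk
    return buf

def probe_dot(addr, port=853, timeout=2.0, qid=0x1234):
    """Return True only if addr answers a DNS query over TLS on port."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # assumption: opportunistic probe,
    ctx.verify_mode = ssl.CERT_NONE  # the server is not authenticated
    try:
        with socket.create_connection((addr, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw) as tls:
                tls.sendall(frame(build_query(qid=qid)))
                (length,) = struct.unpack("!H", recv_exact(tls, 2))
                return is_response(recv_exact(tls, length), qid)
    except OSError:   # refused, timed out, TLS handshake failed, early close
        return False  # caller keeps using plain DNS on port 53
```
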
