Re: [DNSOP] Minimum viable ANAME

Ray Bellis <ray@bellis.me.uk> Tue, 06 November 2018 11:39 UTC


On 06/11/2018 17:58, Matthijs Mekking wrote:

> That's the crux: A solution that depends on upgrading the resolvers is 
> considered not a (fast enough) deployable solution.

The HTTP record does not depend on resolvers being upgraded. If the
browser vendors implement the client side, it's not required.

Once they do fully implement it by serving the A and AAAA records from 
cache, then it'll be fast, too.

> That's why I like ANAME: It allows you to do CNAME-at-the-APEX 
> processing without requiring resolvers to be updated, however resolvers 
> can implement ANAME to optimize the behavior.
> 
> Also the ANAME in its current form does not require (but also does not 
> prevent) the resolution to take place inside the name server, it can be 
> a simple script that is part of your zone provisioning.

I think Tony Finch was suggesting that you could also do that with "HTTP".

Ray
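
The "simple script that is part of your zone provisioning" approach mentioned in the quoted text, as an added example that is not from this thread or from any ANAME draft or implementation. The one-record-per-line zone format, the names, the `lookup` callback and the TTL rule are assumptions; the resolver answers are constructed so the block runs offline.

```python
import ipaddress

# Constructed stand-in for a resolver: (name, type) -> [(ttl, address)].
SAMPLE_ANSWERS = {
    ("cdn.example.net.", "A"): [(60, "192.0.2.10"), (60, "192.0.2.11")],
    ("cdn.example.net.", "AAAA"): [(300, "2001:db8::10")],
}

# Constructed zone fragment, one record per line: owner ttl type rdata.
SAMPLE_ZONE = [
    "example.com. 3600 NS ns1.example.com.",
    "example.com. 120 ANAME cdn.example.net.",
    "example.com. 120 A 198.51.100.1",
    "www.example.com. 300 A 198.51.100.2",
]

ADDR_TYPES = {"A": 4, "AAAA": 6}  # record type -> IP version


def sample_lookup(name, rtype):
    return SAMPLE_ANSWERS.get((name, rtype), [])


def expand_aname(zone_lines, lookup):
    """Refresh the sibling A/AAAA records of every ANAME owner."""
    records = [line.split(None, 3) for line in zone_lines]
    fresh = {}  # (owner, type) -> replacement lines
    for owner, aname_ttl, rtype, target in records:
        if rtype != "ANAME":
            continue
        for addr_type, version in ADDR_TYPES.items():
            lines = []
            for ttl, addr in lookup(target, addr_type):
                ip = ipaddress.ip_address(addr)  # ValueError on non-address data
                if ip.version != version:
                    raise ValueError(f"{addr} is not {addr_type} rdata")
                # Assumption: cap the TTL at the ANAME record's own TTL.
                lines.append(f"{owner} {min(int(aname_ttl), ttl)} {addr_type} {ip}")
            if lines:  # empty answer: keep the existing records instead
                fresh[(owner, addr_type)] = lines
    out = []
    for (owner, _, rtype, _), line in zip(records, zone_lines):
        if (owner, rtype) in fresh:
            continue  # stale sibling address record, superseded
        out.append(line)
        if rtype == "ANAME":
            for addr_type in ADDR_TYPES:
                out.extend(fresh.get((owner, addr_type), []))
    return out
```

Parsing every answer with `ipaddress` before it is written keeps a malformed or hostile resolver response from being injected into the zone file, and an empty answer leaves the previous address records in place rather than emptying the apex.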