IETF Logo Mail Archive

Re: [DNSOP] SRV and HTTP

Mark Andrews <marka@isc.org> Wed, 11 July 2018 22:51 UTC

Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6CB30130E5D; Wed, 11 Jul 2018 15:51:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ff8MedgjyJ12; Wed, 11 Jul 2018 15:51:48 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 980461274D0; Wed, 11 Jul 2018 15:51:48 -0700 (PDT)
Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.pao1.isc.org (Postfix) with ESMTPS id 640033AB044; Wed, 11 Jul 2018 22:51:48 +0000 (UTC)
Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTPS id 4B821160043; Wed, 11 Jul 2018 22:51:48 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 32CE4160072; Wed, 11 Jul 2018 22:51:48 +0000 (UTC)
Received: from zmx1.isc.org ([127.0.0.1]) by localhost (zmx1.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id GchlsJqYTP_c; Wed, 11 Jul 2018 22:51:48 +0000 (UTC)
Received: from [172.30.42.67] (c27-253-115-14.carlnfd2.nsw.optusnet.com.au [27.253.115.14]) by zmx1.isc.org (Postfix) with ESMTPSA id 522C1160043; Wed, 11 Jul 2018 22:51:46 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Mark Andrews <marka@isc.org>
In-Reply-To: <20180711212427.GA9723@localhost>
Date: Thu, 12 Jul 2018 08:51:43 +1000
Cc: Mark Nottingham <mnot@mnot.net>, Joe Abley <jabley@hopcount.ca>, dnsop@ietf.org, DoH WG <doh@ietf.org>, Adam Roach <adam@nostrum.com>, driu@ietf.org, HTTP Working Group <ietf-http-wg@w3.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <0D94DD5C-944F-46EC-BFC0-9D84B5CE4C2E@isc.org>
References: <alpine.LRH.2.21.1807101056140.5219@bofh.nohats.ca> <4a845808-5348-d6e4-dda2-59aaf0e85c14@nostrum.com> <3DF5A66C-CCBF-4116-A1FC-35CF8E05808B@hopcount.ca> <e1675184-f0bc-670d-3db1-b99a9daf1657@nostrum.com> <CAJhMdTOZtOpF_aK-ZzP0DfkDMcAtTKFLdSpKkrSPvP1cOgnOjQ@mail.gmail.com> <e658445a-242b-5f94-f1fc-0bc4c850319d@nostrum.com> <CAJhMdTOPjhbOK=NQijnYZ3kCY_+f-87n7wwwuR38ifHUG5msqA@mail.gmail.com> <F6C1AF50-EB1B-4E09-9A72-229AD4AC7E57@mnot.net> <82099DED-CCB6-4CDC-BFE6-97B1AB3EB0A4@isc.org> <7A9000F5-0772-49FC-BDBB-862C8141BA54@mnot.net> <20180711212427.GA9723@localhost>
To: Nico Williams <nico@cryptonector.com>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/8sg7EhUivKC1daqZEpwVexltt8Y>
Subject: Re: [DNSOP] SRV and HTTP
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jul 2018 22:51:51 -0000


> On 12 Jul 2018, at 7:24 am, Nico Williams <nico@cryptonector.com> wrote:
> 
>>> On 11 Jul 2018, at 11:30 am, Mark Andrews <marka@isc.org> wrote:
>>> 
>>>>> On 11 Jul 2018, at 3:55 am, Joe Abley <jabley@hopcount.ca> wrote:
>>>>> 
>>>>> *cups hand to ear*
>>>>> 
>>>>> Was that the sound of a distant desire to specify use of SRV for
>>>>> HTTP?
>>> 
>>> I think there are three main objections.
>>> 
>>> 1) Wildcards don’t work with prefixes.
>>> 2) Additional data isn’t always returned it may require multiple round trips.
>>> 3) Additional data processing doesn’t support negative responses.
>>> 
>>> All of these issues are trivially easy to fix.  It just require willingness to implement.
>>> 
>>> 1) is addressed by defining a new type(s) rather than using prefixes.
> 
> While that is correct, and truly, it is trivial to implement, it is not
> trivial to deploy: too many DNS hosting providers would have to update
> UIs.

Garbage.  There really isn’t.  People keep saying something can’t be done
because there are too many X.  X get replaced.  X get updated.  As for DNS
hosting providers that support a given type, we create a site and report
what software by version and date and what DNS hosting providers support
the type native or unknown formats.

We also don’t have to achieve 100%.  People can move to DNS hosters that
do support the type or host their own DNS.  Every DNS hoster that provides
slave/secondary services already supports they type as UNKNOWN has been out
there so long.

> Let me add my voice in favor of new RR types by which to replace SRV
> RRs.  URI is one of them, for the sorts of things we do in Kerberos for
> KDC discovery, but no really appropriate for resolving HTTP authorities.
> 
>>> 2) is addressed by getting recursive servers to fill in missing additional data before returning.  Named has code in review for this for SRV as proof of concept.
> 
> That would be very nice indeed.  Unbound will need that too.
> 
>>> 3) is addressed by adding some signalling between the client and recursive server to indicate if the additional section is complete or not.
> 
> Well, OK, but as with (2) that requires recursive resolver critical
> mass.  Not necessarily a big deal, though it will take enough time that
> many apps will need to support falling back to doing multiple queries
> one by one.

They can do the queries in parallel, that 2 RTTs.

> Nico
> -- 

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka@isc.org

v2.23.0 | Report a Bug | By Email