Re: [DNSOP] [Ext] Questions / concerns with draft-ietf-dnsop-svcb-https (in RFC Editor queue)

Martin Thomson <mt@lowentropy.net> Thu, 08 September 2022 04:08 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/BnXhCzX9s3kn4oAkQyRkbDeEIM0>


On Thu, Sep 8, 2022, at 13:29, Brian Dickson wrote:
> If no AliasMode record was processed, then $QNAME would be the origin 
> name PLUS the prefix(es) of type attrleaf (underscore thingies). Those 
> won't be legitimate A/AAAA owner names (and shouldn't exist), and if a 
> client did that it would be harmful (to the client), at least a little 
> bit harmful (trying something that won't work.)

(FWIW, I had trouble parsing this last bit.)

Can the AliasMode record reference a name that includes attrleaf labels, such that this could be as non-functional as using the attrleaf-laden original $QNAME?