[DNSOP] SVCB/HTTPS weasel words are dangerous.
Mark Andrews <marka@isc.org> Sun, 31 October 2021 00:03 UTC
Return-Path: <marka@isc.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B74413A150C for <dnsop@ietfa.amsl.com>; Sat, 30 Oct 2021 17:03:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isc.org header.b=RVwhcJXq; dkim=pass (1024-bit key) header.d=isc.org header.b=avkpSF4B
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tmZZNefKnGQD for <dnsop@ietfa.amsl.com>; Sat, 30 Oct 2021 17:03:54 -0700 (PDT)
Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64D493A150D for <dnsop@ietf.org>; Sat, 30 Oct 2021 17:03:54 -0700 (PDT)
Received: from zimbrang.isc.org (zimbrang.isc.org [149.20.1.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx.pao1.isc.org (Postfix) with ESMTPS id 3A8B4435365 for <dnsop@ietf.org>; Sun, 31 Oct 2021 00:03:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=isc.org; s=ostpay; t=1635638633; bh=hP9wpcZeiMl3o3JjTvIIMJYpWelRVRAs6kqXWzkqAYY=; h=From:Subject:Date:To; b=RVwhcJXqFV5buIgruDuZboM8WOQhhWB71hsSuWWpOQHNqeee4h0LI0rz3yxptboVz cPUXvmWDcApBFFy1Ui7n/aBjQVALpeWoGAyU0HJ4c3KGp1uuxRa90DCVJXeDk+FU4H jiT65wt6a4/3WcVnspO/NlnAjkrUNUYrhqNdI3Oo=
Received: from zimbrang.isc.org (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTPS id 2CC98F04735 for <dnsop@ietf.org>; Sun, 31 Oct 2021 00:03:53 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1]) by zimbrang.isc.org (Postfix) with ESMTP id 0214BF04737 for <dnsop@ietf.org>; Sun, 31 Oct 2021 00:03:53 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.10.3 zimbrang.isc.org 0214BF04737
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isc.org; s=05DFB016-56A2-11EB-AEC0-15368D323330; t=1635638633; bh=Au/+qSz6M7PSr5zerJtGd/S7uTY0ZQQ2K3mmg33miNY=; h=From:Mime-Version:Message-Id:Date:To; b=avkpSF4B+Mi8uUZMMsZSc/f1Q5pTaIGCXuAr+VLMuQFBAa5QeeJ4jwHkK5fEg3SJ2 h/UQUEpiB5ZF7f/YKXq+t5K8b0lb1aGtBSv1JWmB/sBGJRizvoTA1oRkgJd6DMZ3bc FAeDAKxzgmv4nK7zAeT1XBYZBWW6WcIVtPb5MoMk=
Received: from zimbrang.isc.org ([127.0.0.1]) by localhost (zimbrang.isc.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id tDTVaHKAY2F3 for <dnsop@ietf.org>; Sun, 31 Oct 2021 00:03:52 +0000 (UTC)
Received: from smtpclient.apple (n114-74-30-70.bla4.nsw.optusnet.com.au [114.74.30.70]) by zimbrang.isc.org (Postfix) with ESMTPSA id 887A1F04735 for <dnsop@ietf.org>; Sun, 31 Oct 2021 00:03:52 +0000 (UTC)
From: Mark Andrews <marka@isc.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Message-Id: <01A04E40-DAA8-4C62-B7EE-AC4D80F3B3AC@isc.org>
Date: Sun, 31 Oct 2021 11:03:49 +1100
To: dnsop WG <dnsop@ietf.org>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/EhP4nvJV1WEa4wiEIPPZIdLvIhc>
Subject: [DNSOP] SVCB/HTTPS weasel words are dangerous.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Oct 2021 00:04:00 -0000
In AliasMode, records SHOULD NOT include any SvcParams, and recipients MUST ignore any SvcParams that are present. Today we had the following record like this example.com IN HTTPS 0 . alpn=h2 ipv4hint=192.0.2.1 ipv6hint=2001:DB8: interpreting this as described leads to “0 .” which indicates NO SERVICE OFFERED. Rejecting this at load time would be much safer but the weasel wording of "SHOULD NOT” makes this difficult. Please make this MUST NOT. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
- [DNSOP] SVCB/HTTPS weasel words are dangerous. Mark Andrews
- Re: [DNSOP] SVCB/HTTPS weasel words are dangerous. libor.peltan
- Re: [DNSOP] SVCB/HTTPS weasel words are dangerous. Mark Andrews
- Re: [DNSOP] SVCB/HTTPS weasel words are dangerous. Ben Schwartz
- Re: [DNSOP] SVCB/HTTPS weasel words are dangerous. Eric Orth
- Re: [DNSOP] SVCB/HTTPS weasel words are dangerous. Michael StJohns
- Re: [DNSOP] SVCB/HTTPS weasel words are dangerous. Michael StJohns
- Re: [DNSOP] SVCB/HTTPS weasel words are dangerous. Vladimír Čunát