Re: [DNSOP] Call for Adoption: draft-sah-resolver-information

"Martin Thomson" <mt@lowentropy.net> Sat, 03 August 2019 03:35 UTC


On Sat, Aug 3, 2019, at 01:04, Tim Wicinski wrote:
> This starts a Call for Adoption for draft-sah-resolver-information

I think that I might have said this before, but I don't think that asking an HTTP server about a DNS server is the right solution.  If this is information about the operation of a participant in the DNS protocol, then I think that this needs to use the DNS protocol. For connection-oriented interactions, having the information associated with a connection (and not a server identity) would be even better.

This also bakes in the notion that a DNS resolver is identified by IP address.  The domain name part is probably OK, but I don't know which trust anchors to use.  I think that the document is assuming that we'll use the Web PKI, but it doesn't say that (nor does RFC 8310, as far as I can tell).  If you can answer the question "why not DANE?" then you might start to understand my concerns here.

The RESINFO RRtype seems OK, but I have less confidence in my ability to assess that aspect of this.  The only thing that bothers me is the potential for 1.0.0.10.in-addr.arpa and friends to leak and ruin the protocol for everyone.  I realize that there are no good solutions here, but it would be good if there were a little more clarity on the constraints this group thought applied to the design.

The inventory thing is fairly irregular.  The names of fields are right there already, why insist on repeating them in an array?

With all that, I think that it would be premature to assume that this is the right direction.
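The leak concern raised above, as an added illustration that is not part of the original message: assuming (as the draft does) that RESINFO is queried at the reverse-mapping name of the resolver's IP address, a resolver can parse that name back to an address and refuse to forward queries that would expose RFC 1918 or other locally-served space upstream (the range list and sample queries below are constructed for the example).

```python
import ipaddress

# IPv4 ranges whose reverse-mapping zones RFC 6761 says should be served
# locally; a RESINFO query for such a name must never leave the site.
LOCAL_ONLY_V4 = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("169.254.0.0/16"),
]


def reverse_name_to_ip(name):
    """Parse 'd.c.b.a.in-addr.arpa' into IPv4Address a.b.c.d; None if malformed."""
    labels = name.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[-2:] != ["in-addr", "arpa"]:
        return None
    try:
        octets = [int(label) for label in labels[:4]]
    except ValueError:
        return None
    if any(not 0 <= o <= 255 for o in octets):
        return None
    return ipaddress.IPv4Address(".".join(str(o) for o in reversed(octets)))


def classify_resinfo_query(qname, qtype):
    """Decide whether a RESINFO query at a reverse name may be forwarded upstream."""
    if qtype != "RESINFO":
        return "not-resinfo"
    ip = reverse_name_to_ip(qname)
    if ip is None:
        return "not-reverse-name"
    if any(ip in net for net in LOCAL_ONLY_V4):
        return "answer-locally"  # forwarding would leak private addressing
    return "forward-ok"


# Constructed sample of queries a resolver might see (not real traffic).
SAMPLE_QUERIES = [
    ("1.0.0.10.in-addr.arpa", "RESINFO"),
    ("1.1.168.192.in-addr.arpa.", "RESINFO"),
    ("8.8.8.8.in-addr.arpa", "RESINFO"),
    ("1.0.0.10.in-addr.arpa", "PTR"),
]


def leaky_queries(queries):
    """Return the reverse names in the sample that must be answered locally."""
    return [q for q, t in queries if classify_resinfo_query(q, t) == "answer-locally"]
```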