Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex

Ray Bellis <ray@bellis.me.uk> Mon, 17 September 2018 07:30 UTC

Return-Path: <ray@bellis.me.uk>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB32E130DC3 for <dnsop@ietfa.amsl.com>; Mon, 17 Sep 2018 00:30:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dqUij-nluafD for <dnsop@ietfa.amsl.com>; Mon, 17 Sep 2018 00:29:57 -0700 (PDT)
Received: from hydrogen.portfast.net (hydrogen.portfast.net [188.246.200.2]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6EFD6130DF1 for <dnsop@ietf.org>; Mon, 17 Sep 2018 00:29:57 -0700 (PDT)
Received: from [88.212.170.147] (port=62081 helo=Barbaras-MacBook-Pro.local) by hydrogen.portfast.net ([188.246.200.2]:465) with esmtpsa (fixed_plain:ray@bellis.me.uk) (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) id 1g1nyl-0007qb-6f (Exim 4.72) for dnsop@ietf.org (return-path <ray@bellis.me.uk>); Mon, 17 Sep 2018 08:29:55 +0100
To: dnsop@ietf.org
References: <b73f3dc7-b378-d5d8-c7a2-42bc4326fbae@nic.cz> <20180916095655.GA11121@jurassic> <0C475F3C-2220-4CC4-B564-47E7DF83AF6B@isoc.org> <20180917035134.GA34900@isc.org> <20180917071121.lonvblxpzzb624ye@nic.fr>
From: Ray Bellis <ray@bellis.me.uk>
Message-ID: <d266b0ba-8e8e-ccec-8c32-d8ee7bbc842a@bellis.me.uk>
Date: Mon, 17 Sep 2018 08:29:54 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <20180917071121.lonvblxpzzb624ye@nic.fr>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/QQ24pSzMIvxTus6hX_jHmileJoE>
Subject: Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Sep 2018 07:30:01 -0000


On 17/09/2018 08:11, Stephane Bortzmeyer wrote:

> Since the main use case is "people with a domain name such as
> example.com, who wants https://example.com/ to actually work, and who
> hosts the stuff at a CDN where the IP address is wildly variable so
> they cannot use A or AAAA records", I suggest that this use case is
> better solved by using SRV records for HTTP. True, it seems
> unrealistic that it will be specified and deployed but it is also the
> case for the DNS "CNAME at apex" change.

We heard at the side meeting in Montreal that SRV doesn't meet the 
requirements, in part because it has features that are considered 
incompatible with the web origin model (i.e. the port field).

I do believe we need a new DNS type code that is designed in cooperation 
with the HTTP community and I've suggested as such on the http-srv 
mailing list, but so far there's little engagement.

There was a suggestion that the proposed ALT-SVC RR could be used, but 
IMHO it has significant issues that would need to be resolved first.

Ray