Re: [DNSOP] HTTPS and SVBC key names.
Brian Dickson <brian.peter.dickson@gmail.com> Wed, 15 July 2020 19:02 UTC
Return-Path: <brian.peter.dickson@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6720C3A0EC4 for <dnsop@ietfa.amsl.com>; Wed, 15 Jul 2020 12:02:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id asKaE53dEyyN for <dnsop@ietfa.amsl.com>; Wed, 15 Jul 2020 12:02:30 -0700 (PDT)
Received: from mail-vs1-xe33.google.com (mail-vs1-xe33.google.com [IPv6:2607:f8b0:4864:20::e33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E05173A0EC1 for <dnsop@ietf.org>; Wed, 15 Jul 2020 12:02:16 -0700 (PDT)
Received: by mail-vs1-xe33.google.com with SMTP id k7so1687163vso.2 for <dnsop@ietf.org>; Wed, 15 Jul 2020 12:02:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=TsO0hEnqPEWmqnQHreFkdzfo4xdyWAc9oixSPa8xbB0=; b=H25zh0I8DJIMOV1L+nqSjbZebcFXSYWn9FmhWA6htMpvH/xjdQPJYLdQDE3gIuJzmq 7QjxaNIwXu2GS6zn6EHjQfZjNKe1tNx75zDuRslpLaMjwlXG8RU101t+ER7mViTp3j8x guhJ4ofzfkgAbrYM6CETul7HvDNG9Vx480PxKBRj1VlyLqL6IeiAh3t5EUdvhvKKP+cA cZJyKWolOiHRqQbdoCED5P/tr+KDWB10lBbfXzAuh5OaeCTYrj8E/7CU6HyRpisxVLsI Vp5U9P335L8ia5qSoh2GfpI9EFJGjaVDtaWB4KOVXbzRuKNqRc3QUYGq3SOPIc3Z4wm6 aQqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=TsO0hEnqPEWmqnQHreFkdzfo4xdyWAc9oixSPa8xbB0=; b=LHpEiwuIyyxoo7uIINUhAkh2kRuOGMKizC78lHxH+SDaft2K5jK0IgG/CluQ3lblxa Nh0OVFrB/03oMFbJsvHSgngDo5Lsz0UIW+3BqEKbRWIH2TsvX7s/Z8Je2QM8txpV/8ga 3l9aYDM2qGsKqWngYCOuek4CIepDJY5W/2TcSo/hpg0EvbVc5vuzpHvjn6+Qb0sar/Aw OKfPfBZfEwZzG52IbFr7aypQusO6F0sS8Gtl0a6Siih71NTC999q/zND3Li+hwgRvX6v TafWG1W5yiP5sQR/U7rGxNoILp4AAalSn/T6u/a2S3uuojHuzhx9hyLzAqIvDEc5gZxU /g/Q==
X-Gm-Message-State: AOAM533o/xWDS3hiVJrH73bKoLpgmVQOuw2KeoZHfF/WgEcwM4Ugha7q PRaAb3pz7Av3DScJqPWnEf5bwL7zv26n3gL5e1Rlew==
X-Google-Smtp-Source: ABdhPJzkdkYcDn2V9S5CeHUGjleXwDZYncmvq+sEexa256XMHZ/zFbMMbJxYKjVbCkoE9uGNKaHoGnT0SZAKaIfYx8U=
X-Received: by 2002:a67:e81:: with SMTP id 123mr534103vso.75.1594839735986; Wed, 15 Jul 2020 12:02:15 -0700 (PDT)
MIME-Version: 1.0
References: <23FA2BA0-43B9-49A3-B288-3ADFCE1D1DB1@isc.org> <CAHbrMsDOyTXyJydro8enSePy9COOfK7AVL6Pqv94YGAGhg41Hg@mail.gmail.com> <CAKC-DJiBw7vDr_KA1sb+ephuagRCT84f1B0PGXJptPiZTh2CSg@mail.gmail.com> <CAN6NTqxGLF0tZ17TX8jy2YWPf=qHhW93=fKETJ4kScJbQUUgxw@mail.gmail.com> <CAKC-DJiMngJonCp2EPrHTWMHwV0VAGquf733YcTZ9JSTFtwAhA@mail.gmail.com>
In-Reply-To: <CAKC-DJiMngJonCp2EPrHTWMHwV0VAGquf733YcTZ9JSTFtwAhA@mail.gmail.com>
From: Brian Dickson <brian.peter.dickson@gmail.com>
Date: Wed, 15 Jul 2020 12:02:03 -0700
Message-ID: <CAH1iCipbR9D_Tqc4dW5zARpEgjZ=-b3d6ZywPzo0=jfBedppYw@mail.gmail.com>
To: Erik Nygren <erik+ietf@nygren.org>
Cc: Ólafur Guðmundsson <olafur@cloudflare.com>, Ben Schwartz <bemasc=40google.com@dmarc.ietf.org>, dnsop WG <dnsop@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000efeea905aa7f8f12"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/Vb9H6gmRqgStCdZeEHaCOaLp6E8>
Subject: Re: [DNSOP] HTTPS and SVBC key names.
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jul 2020 19:02:33 -0000
On Wed, Jul 15, 2020 at 10:16 AM Erik Nygren <erik+ietf@nygren.org> wrote: > We landed on 63 in the draft version we just published (to align with max > label lengths). > There's no reason they *need* to be short as they are just in presentation > form, so their length > comes down to usability and finding the right words. The longest > currently is 15 and it would > be better to avoid future ones needing to be artificially constrained. Is > there a reason we'd > want to decrease this (eg, to 31)? > These key names are table entries in an IANA table, and never go over the wire. So, while it might be a reasonable design choice to limit the character set to match DNS labels, i.e. US ASCII, that's not technically a requirement. I'm not suggesting doing otherwise, but, it should at least be called out as a conscious decision. Maybe an alternative solution would be "any valid A-label", which would potentially support UTF table entries encoded with puny-code? As for length, as long as it is long enough to encode "bikeshed-colour", I don't really care. :-) Brian > > On Wed, Jul 15, 2020 at 1:07 PM Ólafur Guðmundsson <olafur@cloudflare.com> > wrote: > >> How about 2 or 10 ? >> why do the names to need to be long ? >> >> Olafur >> >> >> On Thu, Jul 9, 2020 at 10:18 PM Erik Nygren <erik+ietf@nygren.org> wrote: >> >>> Or 64? >>> >>> >>> >>> - Erik >>> >>> [Sent from my IPv6 connected T-Mobile 4G LTE mobile device] >>> >>> On Thu, Jul 9, 2020, 9:40 PM Ben Schwartz <bemasc= >>> 40google.com@dmarc.ietf.org> wrote: >>> >>>> How about 255 characters? >>>> >>>> On Thu, Jul 9, 2020 at 9:25 PM Mark Andrews <marka@isc.org> wrote: >>>> >>>>> Can we please have a length limit on key names? At the moment they >>>>> could be a billion characters long as they don’t go over the wire. >>>>> -- >>>>> Mark Andrews, ISC >>>>> 1 Seymour St., Dundas Valley, NSW 2117, Australia >>>>> PHONE: +61 2 9871 4742 <+61%202%209871%204742> INTERNET: >>>>> marka@isc.org >>>>> >>>>> _______________________________________________ >>>>> DNSOP mailing list >>>>> DNSOP@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/dnsop >>>>> >>>> _______________________________________________ >>>> DNSOP mailing list >>>> DNSOP@ietf.org >>>> https://www.ietf.org/mailman/listinfo/dnsop >>>> >>> _______________________________________________ >>> DNSOP mailing list >>> DNSOP@ietf.org >>> https://www.ietf.org/mailman/listinfo/dnsop >>> >> >> >> -- >> Ólafur Gudmundsson | Engineering Director >> www.cloudflare.com blog.cloudflare.com >> > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
- [DNSOP] HTTPS and SVBC key names. Mark Andrews
- Re: [DNSOP] HTTPS and SVBC key names. Ben Schwartz
- Re: [DNSOP] HTTPS and SVBC key names. Erik Nygren
- Re: [DNSOP] HTTPS and SVBC key names. Ólafur Guðmundsson
- Re: [DNSOP] HTTPS and SVBC key names. Erik Nygren
- Re: [DNSOP] HTTPS and SVBC key names. Ólafur Guðmundsson
- Re: [DNSOP] HTTPS and SVBC key names. Tommy Pauly
- Re: [DNSOP] HTTPS and SVBC key names. Brian Dickson
- Re: [DNSOP] HTTPS and SVBC key names. Dick Franks
- Re: [DNSOP] HTTPS and SVBC key names. Ben Schwartz
- Re: [DNSOP] HTTPS and SVBC key names. Dick Franks
- Re: [DNSOP] HTTPS and SVBC key names. Ben Schwartz
- Re: [DNSOP] HTTPS and SVBC key names. Dick Franks
- Re: [DNSOP] HTTPS and SVBC key names. Ben Schwartz
- Re: [DNSOP] HTTPS and SVBC key names. Mark Andrews
- Re: [DNSOP] HTTPS and SVBC key names. Mark Andrews
- Re: [DNSOP] HTTPS and SVBC key names. Dick Franks
- Re: [DNSOP] HTTPS and SVBC key names. Dick Franks
- Re: [DNSOP] HTTPS and SVBC key names. Ben Schwartz
- Re: [DNSOP] HTTPS and SVBC key names. Mark Andrews
- Re: [DNSOP] HTTPS and SVBC key names. Dick Franks