Re: [DNSOP] new ANAME draft: draft-hunt-dnsop-aname-00.txt

Tony Finch <dot@dotat.at> Tue, 11 April 2017 20:15 UTC

Cc: Paul Wouters <paul@nohats.ca>, dnsop <dnsop@ietf.org>
To: Florian Weimer <fweimer@redhat.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/XMoCzP60eJcD_lVFBkxktp3hR-g>

> On 11 Apr 2017, at 20:39, Florian Weimer <fweimer@redhat.com> wrote:
>> On 04/11/2017 09:15 PM, Tony Finch wrote:
>> 
>> That doesn't work if the web server is at 3rd party provider A but you want provider B's mail service not provider A's.
> 
> I don't understand.
> 
> I think it boils down to who operates the target DNS zone and how flexible they are.  It has nothing to do with who runs the web server.

In many cases the ANAME target will be a mass web hosting provider which doesn't have any flexibility in their DNS setup.

And you still don't want CNAME pointing at MX because of the interop problems.

Having implemented something like this on the provisioning end, it seems simpler and more useful to me to make ANAMEs work anywhere.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at