[DNSOP] Comments on draft-ietf-dnsop-svcb-httpssvc-02

Dragana Damjanovic <dragana.damjano@gmail.com> Wed, 06 May 2020 20:17 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/frnv-pugg09VT-3KbfVAwIhzdc8>

I have some minor comments and clarification questions.

1) in "Example: Protocol enhancements":

> and the key=value pairs indicate that it supports QUIC in addition to
> HTTPS over TLS

Should "HTTPS over TLS" be "HTTPS over TCP"? HTTP3 is also HTTPS over TLS.

2) Clarification question: Can SvcDomainName point to another AliasForm
record? As I understand it, it cannot. It can point to a CNAME that points
to an AliasForm record.
The descriptions of the server and client behavior sections do not mention
this. Should they mention this again?
I am just wondering if the description in "Client behavior" and "DNS Server
Behavior" should be more precise and mention this constraint and also the
limit for a chain of CNAME and SVCB of 8?

3) Proxies should not use SVCB/HTTPSSVC. Section "Clients using a Proxy"
should say that explicitly. (To make it useful for a proxy to use
SVCB/HTTPSSVC records, there should be a way to communicate back to the
client about those SVCB/HTTPSSVC parameters. This does not exist at the
moment and will add a delay in some cases, etc.)

4) If no-default-alpn is present the alpn parameter must be present as
well, otherwise the "ALPN set" is empty?

5) A clarification question: In the section "ipv4hint and ipv6hint":

> An empty list of addresses is invalid.

Empty hints will not mean that the record is malformed, i.e. it is not a
fatal error that will make the whole record invalid?

6) Nit:

> As discussed in {{client-behavior}}, clients MUST be able fetch additional
> information that is required to use

s/MUST be able fetch/MUST be able to fetch