[DNSOP] SVCB proposals
Ben Schwartz <bemasc@google.com> Thu, 18 February 2021 15:37 UTC
Return-Path: <bemasc@google.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 873463A1383 for <dnsop@ietfa.amsl.com>; Thu, 18 Feb 2021 07:37:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.599
X-Spam-Level:
X-Spam-Status: No, score=-17.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jn_XtDXpMDDD for <dnsop@ietfa.amsl.com>; Thu, 18 Feb 2021 07:37:07 -0800 (PST)
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B86CC3A136B for <dnsop@ietf.org>; Thu, 18 Feb 2021 07:37:07 -0800 (PST)
Received: by mail-io1-xd31.google.com with SMTP id u20so2388822iot.9 for <dnsop@ietf.org>; Thu, 18 Feb 2021 07:37:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=wvLizVQ9xu4neAgIySd37Fjoxs3Z+4t3eTDDMcki1AA=; b=LQJltjlHWStycG6eujlktlSYeIGzc0fT2Ux7dKMWgyQGYxg86772bYwDSU8Tv3IFMa iFDaOI4OOfkr8oBuL+F1Xt6MwgxsRCe7cFkvMy8j/DaLVBQOysBTUc71x8OauocWvp1+ xgwAi/RwZAFMXfdAuMUPgimhrYR4eo4GdM4JMzLAmkpg4t265um9e7rrIvlLl/hu9F2g USUKBGIc2xlLHmDnChS8B1Kmx/TVq1YTaQir7OEUCh7nMbH/WDof9rvmVQJkBi3oyzwr H0WNE0vfmiQT+oxBaVMTmWCHlRWmgUbgThLNQ7ViF4N6EV3b6YbLEkemw0ig6iw2eGXl Pw6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=wvLizVQ9xu4neAgIySd37Fjoxs3Z+4t3eTDDMcki1AA=; b=HZ/2HW8d/dFURY+ardnje5dQCSgYFJSamdvtPaFznSROXET8TJUpV0uASRSJe/tilA zWxlYMs/i3rQ1RE71IwlH9xqQPF5gWun7nj//MXbwdTRVa4WY1bv5NFXknekeFm9bIfz qELJXRXP2nTm3vY7R4fnNTNjBMoeKpX7t18XrbthS8idYVz/ADIxoW7Kf0FJtNMouPGE LYA1Z0m5dWVGTPz67jwiZznyIhTmcqvR4MK0BzIAq7SFD9OmF6LeYHhJ/sj1/Fgpr/kN 2EAgTyjbN/Zs1Cefg1esmcOkS1NB4SpTXv628XOcXPwNHMSOHCWJawwVLFTuCfrJcBym zslw==
X-Gm-Message-State: AOAM532roSwY5QpdakxaKQEnFSa/BsOo1P9VELT8X/P/6LRKOYJRRcHs Gn6DKb+8aCXvLTqrTf7lVRLR9VuSKD9z/aWDlw+q6THC/EEd+w==
X-Google-Smtp-Source: ABdhPJxTsIIwjqnZ4Z/TLMN2+Rc/Hj9WEe0c/CRqhBI8rwl0+juqMUUAHKTqSOXLHRKYeC0KkyC5pkDpCUwpMWO62+4=
X-Received: by 2002:a05:6602:2486:: with SMTP id g6mr4018138ioe.134.1613662626452; Thu, 18 Feb 2021 07:37:06 -0800 (PST)
MIME-Version: 1.0
From: Ben Schwartz <bemasc@google.com>
Date: Thu, 18 Feb 2021 10:36:55 -0500
Message-ID: <CAHbrMsCJ1AE2D8TL=q2STq0MpFYFLpuF8CFQKiSzhwi+TqdOyA@mail.gmail.com>
To: dnsop <dnsop@ietf.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="000000000000aa22cc05bb9e1b9d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/i_U0MtYuQXT2xeiRMGkzK_pmWrU>
Subject: [DNSOP] SVCB proposals
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Feb 2021 15:37:10 -0000
The SVCB/HTTPS RR draft is nearing completion, but there are a few remaining topics on which the authors would appreciate feedback from the working group. Personally, I've written up three proposed changes that would benefit from broader input. Please share your thoughts. 1. Change IANA policy to Specification Required (https://github.com/MikeBishop/dns-alt-svc/pull/262/files) The current proposed IANA policy for SvcParamKeys has allocatable ranges under three different policies ("Standards Action", "Expert Review", and "First Come First Served"). This is very flexible and enables experimentation, but creates compatibility risk: a FCFS SvcParamKey could be allocated without a clear specification of its zone file syntax, leading to zone file portability issues. This proposal would replace all these ranges with a uniform Specification Required policy. The required documentation is minimal: it is only required to describe the zone file format. 2. Skip the default port prefix (https://github.com/MikeBishop/dns-alt-svc/pull/230/files) Using SVCB with a new protocol requires the initial QNAME to end with _(scheme).$HOSTNAME. The current text suggests (non-normatively) to add _$PORT for endpoints that are identified by a port number. This turns out to be inelegant for protocols that almost always use the default port. For example, in the DNS mapping (draft-schwartz-svcb-dns), this would correspond to names like "_53._dns.resolver.example". This proposal would change the guidance to skip the port prefix when starting with the default port (like "_dns.resolver.example"). 3. Add a SHOULD-level chain length limit for zone owners https://github.com/MikeBishop/dns-alt-svc/pull/294/files Constructing huge chains of CNAME and AliasMode records is clearly a bad idea, but how huge is too huge? This change suggests not to use more than 8. This doesn't change the requirements for resolvers (which are free to impose any limit greater than zero) but it might help us to converge on common behavior. --Ben Schwartz
- [DNSOP] SVCB proposals Ben Schwartz
- Re: [DNSOP] SVCB proposals Tommy Pauly
- Re: [DNSOP] SVCB proposals Ben Schwartz