Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
Joe Abley <jabley@automagic.org> Tue, 19 June 2018 21:09 UTC
Return-Path: <jabley@automagic.org>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E66B130E09 for <dnsop@ietfa.amsl.com>; Tue, 19 Jun 2018 14:09:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.997
X-Spam-Level:
X-Spam-Status: No, score=-0.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, RDNS_NONE=0.793, SPF_PASS=-0.001, T_DKIM_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (OpenSSL error: data too large for key size)" header.d=automagic.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HUKkZy9hW1_p for <dnsop@ietfa.amsl.com>; Tue, 19 Jun 2018 14:09:13 -0700 (PDT)
Received: from mail.hopcount.ca (unknown [IPv6:2001:4900:1:392::156]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 739EE130F19 for <dnsop@ietf.org>; Tue, 19 Jun 2018 14:09:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=simple/simple; d=automagic.org ; s=hopcount; h=To:References:Resent-To:Message-Id:Resent-Date:Cc:Date: Resent-From:In-Reply-To:From:Content-Type:Mime-Version:Subject:Sender: Reply-To:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Sender:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Whj8yzlZ4BYtg+aCCmLkA9tCoOr0BAK11LFcHGzlD2M=; b=hRBzi4trY9B5/p7V6wOkU51LY2 fyLaxVfn7bu5Pxo/OFLvaaAAsxx90lulXUXWRHMyxJskDj6L2ftZaL/cQW0aPGWtGL7qirW9m8bKF NbFgTCwxSj9WsGwSmkYz4a7nMD6SXB63Y7S7IEASOAtmDi3MtI9iaTuq2w+8sS8vte7Vdv2No4QoR w1ypBt/EY+RTCvwUhj1hlxT4mPkJLelKqs85uMCjF+Jhk2t5B8KQuUmROQ/Z4CodXct0gIDYMSFrO Y8voqyIMDGa7WUuaya1TLJ2oRFDfEnr7GYe/mpeAVHbzDnhs2YYW/FmrYVmBZk7IwH6JuP6Corw6X IKmJR4hw==;
Received: from [23.233.21.69] (helo=[199.212.90.48]) by mail.hopcount.ca with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1 (FreeBSD)) (envelope-from <jabley@automagic.org>) id 1fVNsG-00070k-HT for dnsop@ietf.org; Tue, 19 Jun 2018 21:09:12 +0000
Mime-Version: 1.0 (Mac OS X Mail 11.4 \(3445.8.2\))
Content-Type: multipart/signed; boundary="Apple-Mail=_2D529F24-D41E-4B18-AD31-86F4BE439F1B"; protocol="application/pgp-signature"; micalg="pgp-sha1"
From: Joe Abley <jabley@automagic.org>
In-Reply-To: <9a0d1bae-dc58-99b5-40d1-caa7737dbfb1@bellis.me.uk>
Resent-From: Joe Abley <jabley@automagic.org>
Date: Tue, 19 Jun 2018 17:08:00 -0400
Cc: Tony Finch <dot@dotat.at>, dnsop@ietf.org
Resent-Date: Tue, 19 Jun 2018 17:09:11 -0400
Message-Id: <1B7B2BB4-F0AE-4188-B89B-DF032BE7A237@automagic.org>
Resent-To: "dnsop@ietf.org WG" <dnsop@ietf.org>
References: <b73f3dc7-b378-d5d8-c7a2-42bc4326fbae@nic.cz> <alpine.DEB.2.11.1806191428250.916@grey.csi.cam.ac.uk> <691FC45D-E5B6-4131-95BF-878520351F3A@gmail.com> <bf0ba568-1a18-f8cf-c1a0-3f547d642a78@bellis.me.uk> <0438207E-A4C2-434D-9507-9D9F54765CFB@puck.nether.net> <alpine.DEB.2.11.1806191649350.916@grey.csi.cam.ac.uk> <9a0d1bae-dc58-99b5-40d1-caa7737dbfb1@bellis.me.uk>
To: Ray Bellis <ray@bellis.me.uk>
X-Mailer: Apple Mail (2.3445.8.2)
X-SA-Exim-Connect-IP: 23.233.21.69
X-SA-Exim-Mail-From: jabley@automagic.org
X-SA-Exim-Scanned: No (on mail.hopcount.ca); SAEximRunCond expanded to false
Resent-Message-Id: <20180619210913.739EE130F19@ietfa.amsl.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/qFjh3RYp3oLSWKwi_BVYIEuTLRY>
X-Mailman-Approved-At: Fri, 22 Jun 2018 05:57:28 -0700
Subject: Re: [DNSOP] abandoning ANAME and standardizing CNAME at apex
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Jun 2018 21:09:15 -0000
On 19 Jun 2018, at 17:03, Ray Bellis <ray@bellis.me.uk> wrote: > On 19/06/2018 17:44, Tony Finch wrote: > >> SRV should have been part of the fix (and it was invented early >> enough to be!) but it wasn't a complete fix without support from the >> application protocols. > > AIUI, a large part of the supposed issue with SRV was the inertia of the > installed base of browsers that wouldn't know how to access them. > > Ironically the proposed fix seems to require upgrades to the > installed base of one of the most important network infrastructure > services on the planet. > > Meanwhile, a very large portion of the installed base of web browsers > gets automatically and silently upgraded every month or so... I think so long as there's a fallback for clients that don't yet have SRV implemented (e.g. publish A/AAAA RRSets at the same owner name as the SRV RRSet, and specify the behaviour by SRV-compliant servers in the event that both are present) this is not a plausible engineering argument. Processing an SRV might require additional DNS lookups to get name -> SRV -> SRV target -> address, but that's a one-time hit per TTL and I think it's a stretch to paint that as definitely a problem. Modelling is required and worst cases remain to be understood. If there are definitive problems it would be good to hear what they are. It has always sounded to me like the problem is "this is not how we did things before". Perhaps the cost of change is not actually in the client, but in the provisioning/client education/product packaging across all web and hosting services? Joe
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] faux BNAME, was abandoning ANAME and … John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Jan Včelák
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Ebersman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… David Conrad
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ondřej Surý
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Wouters
- Re: [DNSOP] abandoning ANAME and standardizing CN… Matthew Pounsett
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… John Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Colm MacCárthaigh
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Anthony Eden
- Re: [DNSOP] abandoning ANAME and standardizing CN… Erik Nygren
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Jared Mauch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Wouters
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Lanlan Pan
- Re: [DNSOP] abandoning ANAME and standardizing CN… tjw ietf
- Re: [DNSOP] abandoning ANAME and standardizing CN… Colm MacCárthaigh
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- [DNSOP] abandoning ANAME and standardizing CNAME … Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Viktor Dukhovni
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Shumon Huque
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Joe Abley
- Re: [DNSOP] abandoning ANAME and standardizing CN… Viktor Dukhovni
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… 神明達哉
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Shumon Huque
- Re: [DNSOP] abandoning ANAME and standardizing CN… Warren Kumari
- Re: [DNSOP] abandoning ANAME and standardizing CN… John R Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Lanlan Pan
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… John R Levine
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Warren Kumari
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- Re: [DNSOP] Creating a query/record for A and AAAA Michael Sheldon
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- [DNSOP] Creating a query/record for A and AAAA Michael Sheldon
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Wouters
- Re: [DNSOP] Creating a query/record for A and AAAA Mark Andrews
- Re: [DNSOP] Creating a query/record for A and AAAA Tony Finch
- Re: [DNSOP] Creating a query/record for A and AAAA Ondřej Surý
- Re: [DNSOP] Creating a query/record for A and AAAA Jared Mauch
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Wouters
- Re: [DNSOP] Creating a query/record for A and AAAA Ray Bellis
- Re: [DNSOP] Creating a query/record for A and AAAA Ray Bellis
- Re: [DNSOP] Creating a query/record for A and AAAA Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tim Wicinski
- Re: [DNSOP] abandoning ANAME and standardizing CN… Brian Dickson
- Re: [DNSOP] abandoning ANAME and standardizing CN… Tony Finch
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Hoffman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Matthijs Mekking
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Paul Vixie
- Re: [DNSOP] abandoning ANAME and standardizing CN… Dan York
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Ray Bellis
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Evan Hunt
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… JW
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Stephane Bortzmeyer
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mark Andrews
- Re: [DNSOP] abandoning ANAME and standardizing CN… Petr Špaček
- Re: [DNSOP] abandoning ANAME and standardizing CN… Mukund Sivaraman