Re: [DNSOP] Minimum viable ANAME
Tony Finch <dot@dotat.at> Fri, 21 September 2018 11:03 UTC
Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF7D3130E89 for <dnsop@ietfa.amsl.com>; Fri, 21 Sep 2018 04:03:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id my2pp46mzWck for <dnsop@ietfa.amsl.com>; Fri, 21 Sep 2018 04:03:16 -0700 (PDT)
Received: from ppsw-32.csi.cam.ac.uk (ppsw-32.csi.cam.ac.uk [131.111.8.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AF5CD130EEE for <dnsop@ietf.org>; Fri, 21 Sep 2018 04:03:16 -0700 (PDT)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:48896) by ppsw-32.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.138]:25) with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) id 1g3JDN-0011Y6-19 (Exim 4.91) (return-path <dot@dotat.at>); Fri, 21 Sep 2018 12:03:13 +0100
Date: Fri, 21 Sep 2018 12:03:13 +0100
From: Tony Finch <dot@dotat.at>
To: 神明達哉 <jinmei@wide.ad.jp>
cc: dnsop <dnsop@ietf.org>
In-Reply-To: <CAJE_bqc_ZK1k-G1aZoS_aRtKfYX-=7nt8QHy7Gq-8BJdq_=QFw@mail.gmail.com>
Message-ID: <alpine.DEB.2.20.1809211147440.3596@grey.csi.cam.ac.uk>
References: <alpine.DEB.2.20.1809191455190.3596@grey.csi.cam.ac.uk> <CAJE_bqc_ZK1k-G1aZoS_aRtKfYX-=7nt8QHy7Gq-8BJdq_=QFw@mail.gmail.com>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: multipart/mixed; BOUNDARY="1870870841-558780850-1537527793=:3596"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/quuMQOcjmS9j_bGLUecpEgOgte0>
Subject: Re: [DNSOP] Minimum viable ANAME
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Sep 2018 11:03:25 -0000
神明達哉 <jinmei@wide.ad.jp> wrote: > > I'm not sure how we can expect this model to deploy in practice. With > this model, the zone admin will need to develop an additional script > or something integrated into whatever the provisioning framework they > are using. Is that the assumption? I would like it to be integrated into the DNS server, like automatic DNSSEC signing. But you can implement it as a bag on the side and lots of places have already done that. (I have a half-arsed implementation which I desperately want to replace with something better.) > Perhaps primary server implementations may eventually have some level > of support that makes this provisioning much less painful (in a way > other than performing on-demand resolution). If and when many popular > implementations do it in a convenient way (at least as convenient as > the proprietary alternatives), we may hope the new model with ANAME > optimization will start to deploy, eventually with wider deployment of > the optimization part as more resolvers support it. It doesn't have to be sequential like that: the additional section processing on auth and rec servers, and resolver ANAME optimization won't cause any interop problems, so they can be deployed whenever the code is ready and they'll have a useful effect when they encounter an ANAME record. Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ Rockall, Malin, Hebrides, Bailey: Northwest 5 to 7, occasionally gale 8 except in Rockall, decreasing 4 later. Rough or very rough, becoming moderate or rough except in Bailey. Showers. Moderate or good.
- [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Anthony Eden
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Paul Vixie
- Re: [DNSOP] Minimum viable ANAME Paul Wouters
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME John Levine
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Paul Wouters
- Re: [DNSOP] Minimum viable ANAME Mukund Sivaraman
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME 神明達哉
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Dan York
- Re: [DNSOP] Minimum viable ANAME Matthew Pounsett
- Re: [DNSOP] Minimum viable ANAME 神明達哉
- Re: [DNSOP] Minimum viable ANAME JW
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Havard Eidnes
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Havard Eidnes
- Re: [DNSOP] Minimum viable ANAME Tim Wicinski
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Havard Eidnes
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Erik Nygren
- Re: [DNSOP] Minimum viable ANAME Paul Vixie
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Paul Vixie
- Re: [DNSOP] Minimum viable ANAME Mark Andrews
- Re: [DNSOP] Minimum viable ANAME Paul Vixie
- Re: [DNSOP] Minimum viable ANAME Mark Andrews
- Re: [DNSOP] Minimum viable ANAME Brian Dickson
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Tim Wicinski
- Re: [DNSOP] Minimum viable ANAME Paul Vixie
- Re: [DNSOP] Minimum viable ANAME Ben Schwartz
- Re: [DNSOP] Minimum viable ANAME Matthijs Mekking
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Tim Wicinski
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Matthijs Mekking
- Re: [DNSOP] Minimum viable ANAME Ray Bellis
- Re: [DNSOP] Minimum viable ANAME Matthijs Mekking
- Re: [DNSOP] Minimum viable ANAME Mark Andrews
- Re: [DNSOP] Minimum viable ANAME Mark Andrews
- Re: [DNSOP] Minimum viable ANAME Ben Schwartz
- Re: [DNSOP] Minimum viable ANAME Mark Andrews
- [DNSOP] ALTSRV Masataka Ohta
- Re: [DNSOP] Minimum viable ANAME Ben Schwartz
- Re: [DNSOP] Minimum viable ANAME Mark Andrews
- Re: [DNSOP] Minimum viable ANAME Olli Vanhoja
- Re: [DNSOP] Minimum viable ANAME tjw ietf
- Re: [DNSOP] Minimum viable ANAME Dan York
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Matthijs Mekking
- Re: [DNSOP] Minimum viable ANAME Matthijs Mekking
- Re: [DNSOP] Minimum viable ANAME Matthijs Mekking
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Brian Dickson
- Re: [DNSOP] Minimum viable ANAME Matthijs Mekking
- Re: [DNSOP] Minimum viable ANAME Vladimír Čunát
- Re: [DNSOP] Minimum viable ANAME Olli Vanhoja
- Re: [DNSOP] Minimum viable ANAME Vladimír Čunát
- Re: [DNSOP] Minimum viable ANAME Brian Dickson
- Re: [DNSOP] Minimum viable ANAME Olli Vanhoja
- Re: [DNSOP] Minimum viable ANAME Brian Dickson
- Re: [DNSOP] Minimum viable ANAME Olli Vanhoja
- Re: [DNSOP] Minimum viable ANAME Tony Finch
- Re: [DNSOP] Minimum viable ANAME Dan York
- Re: [DNSOP] Minimum viable ANAME Benno Overeinder