Re: [DNSOP] [Driu] [Doh] SRV and HTTP - 18:30 Tuesday (room change)

Tony Finch <dot@dotat.at> Wed, 18 July 2018 13:20 UTC

Return-Path: <dot@dotat.at>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EE9C1311AE for <dnsop@ietfa.amsl.com>; Wed, 18 Jul 2018 06:20:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.199
X-Spam-Level:
X-Spam-Status: No, score=-4.199 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JXlYCALUhWEt for <dnsop@ietfa.amsl.com>; Wed, 18 Jul 2018 06:20:38 -0700 (PDT)
Received: from ppsw-31.csi.cam.ac.uk (ppsw-31.csi.cam.ac.uk [131.111.8.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 76BC61311C3 for <dnsop@ietf.org>; Wed, 18 Jul 2018 06:20:38 -0700 (PDT)
X-Cam-AntiVirus: no malware found
X-Cam-ScannerInfo: http://help.uis.cam.ac.uk/email-scanner-virus
Received: from grey.csi.cam.ac.uk ([131.111.57.57]:59298) by ppsw-31.csi.cam.ac.uk (ppsw.cam.ac.uk [131.111.8.137]:25) with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) id 1ffmNf-0003wR-Lf (Exim 4.91) (return-path <dot@dotat.at>); Wed, 18 Jul 2018 14:20:35 +0100
Date: Wed, 18 Jul 2018 14:20:35 +0100
From: Tony Finch <dot@dotat.at>
To: Ray Bellis <ray@bellis.me.uk>
cc: Shane Kerr <shane@time-travellers.org>, dnsop@ietf.org
In-Reply-To: <b0505195-0500-2110-de53-c961f13d8f4f@bellis.me.uk>
Message-ID: <alpine.DEB.2.20.1807181412550.3596@grey.csi.cam.ac.uk>
References: <m1fcoe5-0000GuC@stereo.hq.phicoh.net> <alpine.LRH.2.21.1807101056140.5219@bofh.nohats.ca> <4a845808-5348-d6e4-dda2-59aaf0e85c14@nostrum.com> <3DF5A66C-CCBF-4116-A1FC-35CF8E05808B@hopcount.ca> <e1675184-f0bc-670d-3db1-b99a9daf1657@nostrum.com> <CAJhMdTOZtOpF_aK-ZzP0DfkDMcAtTKFLdSpKkrSPvP1cOgnOjQ@mail.gmail.com> <e658445a-242b-5f94-f1fc-0bc4c850319d@nostrum.com> <CAJhMdTOPjhbOK=NQijnYZ3kCY_+f-87n7wwwuR38ifHUG5msqA@mail.gmail.com> <F6C1AF50-EB1B-4E09-9A72-229AD4AC7E57@mnot.net> <82099DED-CCB6-4CDC-BFE6-97B1AB3EB0A4@isc.org> <7A9000F5-0772-49FC-BDBB-862C8141BA54@mnot.net> <23365.25230.573067.921128@gro.dd.org> <23365.25333.904112.575031@gro.dd.org> <1F3A6A86-3520-4AC9-BA2C-0A462F42BB60@mnot.net> <8840E959-EB84-4D60-BB4B-B8D944BF13AF@mnot.net> <10038742-b65c-7d38-0628-315c34555619@time-travellers.org> <b0505195-0500-2110-de53-c961f13d8f4f@bellis.me.uk>
User-Agent: Alpine 2.20 (DEB 67 2015-01-07)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/rCK7e8KoBfBE4T4RHzbNJA0Admg>
Subject: Re: [DNSOP] [Driu] [Doh] SRV and HTTP - 18:30 Tuesday (room change)
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jul 2018 13:20:47 -0000

[ pruned CC list ]

Ray Bellis <ray@bellis.me.uk> wrote:

> On 17/07/2018 19:43, Shane Kerr wrote:
>
> > Ray Bellis: ANAME shifts work to resolvers; a really bad idea.
>
> correction here - what I actually said was that in the transitional
> phase ANAME shifts work to * authoritatives *.

>From my perspective, it shifts work from manual / static to automated /
dynamic, which is a really good idea :-)

In my setup, with signed zones and traditional secondaries, it isn't
possible for most of my auth servers to actively expand ANAMEs, so the
extra auth work only happens on the primary / signer.

("active" / "passive" ANAME terminology from
https://mailarchive.ietf.org/arch/msg/dnsop/0HM5FkROQ8cBMSa5ZHwdsqGvKoQ)

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
North Biscay: Variable 3 or 4, becoming northerly or northeasterly 4 or 5.
Slight or moderate. Occasional rain later. Moderate or good.