Re: [DNSOP] Root reasons (aka "why") - HTTP vs SRV vs ANAME vs CNAME

Ray Bellis <ray@bellis.me.uk> Fri, 09 November 2018 00:57 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/zID_lpgUWs0oPlt17J_7i0LE45c>


On 09/11/2018 07:14, Tony Finch wrote:
> But remember: the goal is to make the DNS easier to use for people
> who don’t know about the restrictions on CNAMEs.

I'd say the goal is to make the DNS *possible* to use for people who
don't know about the restrictions on CNAMEs.

I concede that ANAME perhaps makes that easier than HTTP does, but it 
does so at the expense of significant complexity in authority servers by 
still requiring A and AAAA lookups to be somehow "magic", and doesn't 
fix the architectural problem of lack of a service identifier.

My long-term goal would be to never have an A or AAAA record appear in 
the DNS other than at the owner name of an actual hostname.

Ray