[dnsoverhttp] Post-Seoul thoughts

Paul Hoffman <paul.hoffman@icann.org> Tue, 22 November 2016 18:14 UTC

From: Paul Hoffman <paul.hoffman@icann.org>
To: "dnsoverhttp@ietf.org" <dnsoverhttp@ietf.org>
Date: Tue, 22 Nov 2016 18:12:57 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsoverhttp/71m8aW1ewXJh8xHelLsPveC_wSc>
List-Id: Discussion of DNS over HTTP <dnsoverhttp.ietf.org>

Greetings. The gathering in Seoul was useful and pretty interesting.

One thing that didn't get mentioned in the loose minutes taken by two folks was that someone mentioned that HTTP servers might not want to use DNS-over-HTTP to push DNS data into clients but instead to use <link rel="dns-prefetch"> to cause the client to prefetch the DNS data itself. Doing this completely alleviates some of the questions that were raised in the meeting about the security model of the client trusting the server's data.

Given dns-prefetch, the use cases for DNS-over-HTTP maybe reduce to:
- update of DNS information
- a different transport for getting DNS information
- tunneling through aggressive firewalls

Does that seem right to other folks?

--Paul Hoffman