[dnsoverhttp] Thinking about inlining DNS in HTTP
Patrick McManus <pmcmanus@mozilla.com> Fri, 16 September 2016 16:29 UTC
Return-Path: <pmcmanus@mozilla.com>
X-Original-To: dnsoverhttp@ietfa.amsl.com
Delivered-To: dnsoverhttp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id F16C812B2CA
for <dnsoverhttp@ietfa.amsl.com>; Fri, 16 Sep 2016 09:29:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.234
X-Spam-Level:
X-Spam-Status: No, score=-1.234 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_SORBS_SPAM=0.001,
SPF_HELO_PASS=-0.001, SPF_SOFTFAIL=0.665]
autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id vdTA7zkZlXoa for <dnsoverhttp@ietfa.amsl.com>;
Fri, 16 Sep 2016 09:29:47 -0700 (PDT)
Received: from linode64.ducksong.com (www.ducksong.com [192.155.95.102])
by ietfa.amsl.com (Postfix) with ESMTP id E3B9D12B2BB
for <dnsoverhttp@ietf.org>; Fri, 16 Sep 2016 09:29:46 -0700 (PDT)
Received: from mail-io0-f170.google.com (mail-io0-f170.google.com
[209.85.223.170])
by linode64.ducksong.com (Postfix) with ESMTPSA id 676CD3A06D
for <dnsoverhttp@ietf.org>; Fri, 16 Sep 2016 12:29:38 -0400 (EDT)
Received: by mail-io0-f170.google.com with SMTP id q92so31208327ioi.1
for <dnsoverhttp@ietf.org>; Fri, 16 Sep 2016 09:29:38 -0700 (PDT)
X-Gm-Message-State: AE9vXwPcJC6cpLRf7Pa+f2JEPkMpN8V+c2hGShYBSQPOdX9a0pQoiqTCFGyEFSbI5Ke0m0aFyCZ8TLkEa3xNRg==
X-Received: by 10.107.19.37 with SMTP id b37mr25339449ioj.162.1474043377862;
Fri, 16 Sep 2016 09:29:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.148.50 with HTTP; Fri, 16 Sep 2016 09:29:37 -0700 (PDT)
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Fri, 16 Sep 2016 12:29:37 -0400
X-Gmail-Original-Message-ID: <CAOdDvNqBUacK5oCs3V4sYi+F3Yhqf2e5NiNC1LuPz+jAeuQ4gw@mail.gmail.com>
Message-ID: <CAOdDvNqBUacK5oCs3V4sYi+F3Yhqf2e5NiNC1LuPz+jAeuQ4gw@mail.gmail.com>
To: dnsoverhttp@ietf.org
Content-Type: multipart/alternative; boundary=001a113dea0eebda2b053ca2773d
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsoverhttp/AQRnfaBwcaZjPiNMjXOooOv_51Q>
Subject: [dnsoverhttp] Thinking about inlining DNS in HTTP
X-BeenThere: dnsoverhttp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of DNS over HTTP <dnsoverhttp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsoverhttp>,
<mailto:dnsoverhttp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsoverhttp/>
List-Post: <mailto:dnsoverhttp@ietf.org>
List-Help: <mailto:dnsoverhttp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsoverhttp>,
<mailto:dnsoverhttp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Sep 2016 16:29:49 -0000
Anyone want to talk about the general model of pushing DNS records to clients as part of HTTP? This was originally part of the SPDY documents, but was never fully implemented there and never made it into HTTP/2 due to its experimental and speculative nature (unlike the rest of what became h2). But a number of folks, including myself, think the idea still holds significant promise. Briefly, if www.example.com were to include references to content on www.cdn.com it would be able to staple, unsolicited, at the protocol level the necessary DNS records for the cdn into the http response containing the reference. .presumably with a complete dnssec chain inline. Since example.com pushes this information to different folks all the time, it can have the chain cached suitably to the lifetime of the records in the chain. Because the client can verify the information via dnssec it can go ahead and connect www.cdn.com without the round trips necessary for resolution. Remembering that this is bar bof fodder, If the HTTP folks were interested in going down this path with an extension to h2 what would the guidance from the dns folk be on corner cases to consider? -Patrick
- [dnsoverhttp] Thinking about inlining DNS in HTTP Patrick McManus
- Re: [dnsoverhttp] Thinking about inlining DNS in … Martin Thomson
- Re: [dnsoverhttp] Thinking about inlining DNS in … Patrick McManus