Re: [dnsoverhttp] New version of draft-hoffman-dns-over-http
Patrick McManus <pmcmanus@mozilla.com> Mon, 17 October 2016 21:19 UTC
In-Reply-To: <5E9B74C7-6B48-4CF7-B952-084DC7F81141@icann.org>
References: <5E9B74C7-6B48-4CF7-B952-084DC7F81141@icann.org>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Mon, 17 Oct 2016 17:19:01 -0400
Message-ID: <CAOdDvNoTrf1rXZ+tFzrKoZhQp3sK9NSXWOUn6Sn5L3jPvWKE0Q@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsoverhttp/Sqr3DO_8c3ThebJ54zDhQgdQHBE>
Cc: "dnsoverhttp@ietf.org" <dnsoverhttp@ietf.org>
Subject: Re: [dnsoverhttp] New version of draft-hoffman-dns-over-http

Paul, Joe, thanks for pushing this forward. I don't have a chance this minute to propose text - but I have a few notes. I can help with text down the line if it would help. But I didn't want to just sit on my comments.

-Patrick

On Sat, Oct 15, 2016 at 9:23 AM, Paul Hoffman <paul.hoffman@icann.org> wrote:

> Greetings again. Joe and I have submitted a new draft that hopefully
> covers all of the messages from this list on the -00 draft. The diffs are
> here:
> https://www.ietf.org/rfcdiff?url2=draft-hoffman-dns-over-http-01
>
> For things where there seemed to be agreement, we put them in; where there
> wasn't, we put in a TODO. We would love to hear proposals for specific text
> on any of the TODOs.
>

    If no PREFIX is configured as above, the client MAY query a DNS resolver for which they have an IP address. The query is https://<IPADDRESS>/.well_known/TBD1
    If the DNS server knows about API support, the returned URI will be the PREFIX.

I don't really know what this means for sure. Is the query an https query or a DNS query? methods etc? What is a returned URI?

    TODO: Full discussion about using this protocol in HTTP/2 for server push. This will also hopefully cover caching and DNS TTLs.

I don't think the push section will satisfy the caching considerations language - that is independent of push.

The primary thing to define here is what path and origin the pushed request is for.

Secondarily you get to decide whether that lives in the scope of an existing stream (e.g. an html document) or is attached to the whole session (aka stream 0) - this relationship is defined by push. If it is stream 0 you would need to define an h2 extension and negotiate it with settings - so I would probably avoid that.

Thirdly, as we've discussed there are security considerations around the scope in which you want to use the response. My argument would be to require it to be signed and not restrict its usage, while discussing the implications of that.

> Earlier, there was discussion of having an informal bar BoF in Seoul.
> There is no need to wait for that to happen before submitting proposed text.
>
> --Paul Hoffman
> _______________________________________________
> dnsoverhttp mailing list
> dnsoverhttp@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsoverhttp
>