Re: [dnsoverhttp] New draft: draft-hoffman-dns-over-http-00.txt
Martin Thomson <martin.thomson@gmail.com> Thu, 22 September 2016 01:19 UTC
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 22 Sep 2016 11:19:15 +1000
To: Paul Hoffman <paul.hoffman@icann.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsoverhttp/i9ZK7GA5DEK6dG9N41Je4IUjDb4>
Cc: "dnsoverhttp@ietf.org" <dnsoverhttp@ietf.org>,
Patrick McManus <pmcmanus@mozilla.com>
Subject: Re: [dnsoverhttp] New draft: draft-hoffman-dns-over-http-00.txt

On 22 September 2016 at 01:24, Paul Hoffman <paul.hoffman@icann.org> wrote:
>> * I don't have a strong opinion on whether or not the prefix can be discoverable for some use cases, but it seems for h2 push it needs to be in the .wk space in order to give the client enough context to recognize this is dns data. given that, it might make sense to just use .wk everywhere instead of making it discoverable.
>
> I'm maybe hearing a trend here. Does anyone have a strong argument for discoverability over .well_known?

Yes, I think that papers over the real problem.

The problem that I think Patrick is worried about is one where arbitrary content can make claims about DNS answers. The problem Ted referenced is that arbitrary servers can make the same sorts of claims.

We need a threat model and some systemic way of thinking about the problem before we leap to conclusions. .well-known only narrows the problem, it doesn't solve it.