Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps?
Shane Kerr <shane@time-travellers.org> Tue, 17 January 2017 10:28 UTC
Return-Path: <shane@time-travellers.org>
X-Original-To: dnsoverhttp@ietfa.amsl.com
Delivered-To: dnsoverhttp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89DB0129514 for <dnsoverhttp@ietfa.amsl.com>; Tue, 17 Jan 2017 02:28:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A73UyKHm-2Yt for <dnsoverhttp@ietfa.amsl.com>; Tue, 17 Jan 2017 02:28:28 -0800 (PST)
Received: from time-travellers.nl.eu.org (c.time-travellers.nl.eu.org [IPv6:2a02:2770::21a:4aff:fea3:eeaa]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F83612945F for <dnsoverhttp@ietf.org>; Tue, 17 Jan 2017 02:28:28 -0800 (PST)
Received: from [240c:f:1:4000:8a63:3b33:66a5:1600] (helo=pallas.home.time-travellers.org) by time-travellers.nl.eu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from <shane@time-travellers.org>) id 1cTR0E-0002bp-TL; Tue, 17 Jan 2017 10:28:35 +0000
Date: Tue, 17 Jan 2017 18:28:15 +0800
From: Shane Kerr <shane@time-travellers.org>
To: Erik Kline <ek@google.com>
Message-ID: <20170117182815.70957a27@pallas.home.time-travellers.org>
In-Reply-To: <CAAedzxrui3ayuurjYxv+d1A1ghnaQWS1-VXFuOVpLKm+CB2jEQ@mail.gmail.com>
References: <20161221171207.06fb9acb@pallas.home.time-travellers.org> <AE968DEF-3E00-420E-9EC6-6D12AF81E3E7@icann.org> <CAOdDvNpOPE7rD6Hqeeo-xf1co6HG2+Jx_BSFG4hLeFA9GC4=HQ@mail.gmail.com> <CABWuLVetY+2ocnVAn-AhfuJ=GqEQFqmHtsapXE9Ef7uyaM4JEA@mail.gmail.com> <20170106110522.7f181abf@pallas.home.time-travellers.org> <CAAedzxrui3ayuurjYxv+d1A1ghnaQWS1-VXFuOVpLKm+CB2jEQ@mail.gmail.com>
X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; boundary="Sig_/XpvV3jEmdQsjQTBBlkdTwfn"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsoverhttp/nra1jZ_7sZhpJA6jGxQZpjDPZAU>
Cc: "dnsoverhttp@ietf.org" <dnsoverhttp@ietf.org>
Subject: Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps?
X-BeenThere: dnsoverhttp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of DNS over HTTP <dnsoverhttp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsoverhttp>, <mailto:dnsoverhttp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsoverhttp/>
List-Post: <mailto:dnsoverhttp@ietf.org>
List-Help: <mailto:dnsoverhttp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsoverhttp>, <mailto:dnsoverhttp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Jan 2017 10:28:29 -0000
Erik, Apologies for the late reply! At 2017-01-08 20:34:23 +0900 Erik Kline <ek@google.com> wrote: > Can you clarify something for me about the wireformat draft, section 3.4? > > I believe that a client proxy does not include the DNS-over-TCP 2 byte > length toward the server, instead relying on the HTTP content-length. > Is it fair (and would be more clear) to simply say that the > DNS-over-TCP 2 byte length is *never* included when encapsulating over > HTTP regardless of role and query vs. response status? I think that's fair. The basic idea is that you don't need any length indicator for the DNS message because HTTP already includes that information. However, I have re-written this section at least 3 times and every time someone ends up finding it unclear in some way. :( I think that I might not be able to write this in good way. Maybe someone can help? > I'm also a tad confused about how things look if one was, for example, > doing a zone transfer via DNS-over-HTTP and the server wanted to send > things with Transfer-Encoding of type chunked? I haven't actually thought about it. Generally server-to-server communications fall outside of the scope of the draft. I would expect those to use normal DNS over TCP. But in principle there is nothing to prevent a user from asking for a zone transfer (I do it all the time, actually), and no reason why this shouldn't work over HTTP. > Actually, re-reading RFC 7230 sections 3.3.1 and 3.3.2, I believe that > if it's a requirement to include a Content-Length header then that > means Transfer-Encoding MUST NOT be used. Is this fair to say, and is > it true of all DNS-over-HTTP data streams, regardless of role and > direction (i.e. it doesn't just apply to client requests)? Thinking about it, I don't think there is a strong requirement to include a Content-Length header. Honestly all that we really need is for the data to end up on the other end, and to know how much got there. Any transfer encoding should work for this. Probably I should go through the document and remove references to this, and make it more general to indicate this. Do you think it makes sense to include Content-Length as an example of a possible way to do this or would that confuse things? > My apologies if I'm focusing on minutiae too early in the process. Not at all! I'm not actually sure where this draft is process-wise. :) Cheers, -- Shane
- [dnsoverhttp] DNS over HTTP: next steps? Shane Kerr
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Paul Hoffman
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Patrick McManus
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Zach Lym
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Shane Kerr
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Erik Kline
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Shane Kerr
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Erik Kline
- Re: [dnsoverhttp] [Ext] DNS over HTTP: next steps? Patrick McManus