Re: [dnsoverhttp] New draft: draft-hoffman-dns-over-http-00.txt
Ted Hardie <ted.ietf@gmail.com> Tue, 20 September 2016 22:02 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: dnsoverhttp@ietfa.amsl.com
Delivered-To: dnsoverhttp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 0672312B482
for <dnsoverhttp@ietfa.amsl.com>; Tue, 20 Sep 2016 15:02:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001,
RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id UdStlUARnh7H for <dnsoverhttp@ietfa.amsl.com>;
Tue, 20 Sep 2016 15:02:28 -0700 (PDT)
Received: from mail-oi0-x22a.google.com (mail-oi0-x22a.google.com
[IPv6:2607:f8b0:4003:c06::22a])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id F00A112B14D
for <dnsoverhttp@ietf.org>; Tue, 20 Sep 2016 15:02:27 -0700 (PDT)
Received: by mail-oi0-x22a.google.com with SMTP id r126so39009428oib.0
for <dnsoverhttp@ietf.org>; Tue, 20 Sep 2016 15:02:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:in-reply-to:references:from:date:message-id:subject:to
:cc; bh=0TxDTW0JXC+OKG9N7wSuGZPg3Ai5HTg4kWZ2SB0S/6w=;
b=bcjC6SyoIiwgds5l9dKbqTvHyiTmNE1qncaQa6JHQJadCGoXDwR4/OfwMj5P05Har1
5XrVSuGkO5AWn1ex6jaxLwtmGPxEbUH8xEfdq0FP8ECENPzZvlPdraYJwXZptGPbZhnl
A6kbhv5ehdBT1cB3LTjBpvbH0w6f8z0wX3Sk7YYb08spTeMygUg3HR4Y/nToGZcgUewG
md+SiCZsuJvBJl32urUrCo9YWXC8eypGrgLmk399ilqe66JpXTQrnHpwqzp5Qb6ldmBb
hweZdIkzVxSYgTqjp0pMEy51UGfX8VVXPkJ6BbkiRC3YLJWmvJq2HX5IgNT2eKD0DU5H
DrbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:in-reply-to:references:from:date
:message-id:subject:to:cc;
bh=0TxDTW0JXC+OKG9N7wSuGZPg3Ai5HTg4kWZ2SB0S/6w=;
b=g5OQktFqR3SYqXcl+gmhh/V4Nr8kQJrq3WJq9Kw+JsfbPjIAgmKakYKfirU6FfDH/D
++qlUe/l1FFLHX7HX701In6ar25NHwnizvRwHyg9d83YUPKtmlVaqxZGzV5AvrdKoqnt
1XStK+0P+gG03Xg7KPCBfhEmMfvNoHkcDhoAlX0ig6PeE8U7UzZK0o29RPiEY+dM0qMT
Pb6WOUZVXPZeHZYgtTEJmJ12iJbwn4TjhXMsBsE3V9rXm19sGbWQmcah6uFD8gPHGn3X
2omuvYmrdDHwhcHBTnGO4Iw4RyHbJysaSZQqfGp2gPwDSIH0Rs9UOoRhgXCPt/g1CqpL
wpJw==
X-Gm-Message-State: AE9vXwOC2Q7FrW5cDOxRzwupb1FaM1daWQvBydpesrI1VT/SnssFTzN9Waj/8Iwlr3yoKiXNLcHrLC/+FdaOfA==
X-Received: by 10.202.90.196 with SMTP id o187mr5022656oib.176.1474408947276;
Tue, 20 Sep 2016 15:02:27 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.202.85.72 with HTTP; Tue, 20 Sep 2016 15:01:56 -0700 (PDT)
In-Reply-To: <AF616D4B-A22B-4CB7-AD20-29B4E6107276@icann.org>
References: <147438228195.28999.4355943522486567954.idtracker@ietfa.amsl.com>
<D1E3CC44-FE5A-4ACE-90A1-EF9B5EE975D7@icann.org>
<CA+9kkMATL4RVv=RCmS0nqks2OWB1aQSeNcZ_-zyqHBnv5eYmLg@mail.gmail.com>
<AF616D4B-A22B-4CB7-AD20-29B4E6107276@icann.org>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Tue, 20 Sep 2016 15:01:56 -0700
Message-ID: <CA+9kkMCsX9=+uWmAAydW5yuda_Jzs+qX6MBZBq0ztQKOsEDndQ@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Content-Type: multipart/alternative; boundary=001a113d47f28e62ea053cf795d9
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsoverhttp/pDbZDZtgosf8Zm7xxkYDVPS69Ak>
Cc: "dnsoverhttp@ietf.org" <dnsoverhttp@ietf.org>
Subject: Re: [dnsoverhttp] New draft: draft-hoffman-dns-over-http-00.txt
X-BeenThere: dnsoverhttp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Discussion of DNS over HTTP <dnsoverhttp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsoverhttp>,
<mailto:dnsoverhttp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsoverhttp/>
List-Post: <mailto:dnsoverhttp@ietf.org>
List-Help: <mailto:dnsoverhttp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsoverhttp>,
<mailto:dnsoverhttp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Sep 2016 22:02:30 -0000
On Tue, Sep 20, 2016 at 2:43 PM, Paul Hoffman <paul.hoffman@icann.org> wrote: > On Sep 20, 2016, at 1:40 PM, Ted Hardie <ted.ietf@gmail.com> wrote: > > Thanks for the draft. Reading through it, it seems to posit a mechanism > for providing a DNS API server that will serve the same function as a > recursive resolver would now. > > We did not mean to limit it to recursive resolvers: it could be any DNS > server. In Section 2.4, note the rd parameter can be set to 0. Maybe we > should say this explicitly in the Introduction. > > I guess the focus on discovery threw me there; clearly you wouldn't provision authoritative servers with DHCP. > > Given that this is basically similar to a recursive resolver putting up > a new API, I'm not sure why the complication of a non-standardized prefix > is the right trade-off. Why not standardize it? If not standardized, why > not use the well known URI mechanisms? > > If folks prefer a standard prefix, we could certainly go that way. Having > said that, if we started off with that instead, I strongly suspect that > some would ask why we were forcing a particular URI on servers, and the > modern IETF way is to give flexibility through discovery. > > Well, ACME and others use well known URIs; that might be an approach to consider (as the redirect gives you flexibility). > > I also note that this seems to be answering a different use case than > Patrick and Martin were talking about in regards to server push. With > this, server push might be used for something like additional data, but you > wouldn't see this in the same context as "normal" HTTPS connections, so > server push from a content server wouldn't apply. Have I got that bit right? > > Hopefully not. That is, we certainly want the server push model to work > with our proposal. > > So, if I am connected to https://blogplatform.example.com/, and it wants me to know the dns info for securedimages.example.com, what does it do in this mode? Ted > --Paul Hoffman
- [dnsoverhttp] New draft: draft-hoffman-dns-over-h… Paul Hoffman
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Ted Hardie
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Paul Hoffman
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Ted Hardie
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Paul Hoffman
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Ted Hardie
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Patrick McManus
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Paul Hoffman
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Paul Hoffman
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Ted Hardie
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Patrick McManus
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Paul Hoffman
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Paul Hoffman
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Patrick McManus
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Patrick McManus
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Ted Hardie
- Re: [dnsoverhttp] New draft: draft-hoffman-dns-ov… Martin Thomson