[dnssd] Re: DNSSD: DNS-SD discovery for BRSKI and variations
Chris Box <chris.box.ietf@gmail.com> Tue, 05 November 2024 12:45 UTC
Return-Path: <chris.box.ietf@gmail.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 73FF6C14F71C; Tue, 5 Nov 2024 04:45:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bkLAayxwwkII; Tue, 5 Nov 2024 04:45:04 -0800 (PST)
Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90988C151536; Tue, 5 Nov 2024 04:45:04 -0800 (PST)
Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-a9eaaab29bcso260444866b.2; Tue, 05 Nov 2024 04:45:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1730810702; x=1731415502; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=8R6x/3mmsQhh3E2ea9HgFR5xWAC+0Rqdfia/NTztv2o=; b=Sb4js9mdRLY8Glz3mI1nWj6indW1QMPZM8RMVHHPuflCSF1giszSuZAZnoPdZ6DPuc 8ml5yjV1DcBbgWpvCG84OICnJcXf9+pI7CjLC3dcTCjs9AKLB7Qe3sVQWxIiXsPASTCl 7G+iMUcWYK4mksS173zfLOsQbdvK397Jn8bZD21mXECGf124RDwyEw1aQAop7tsjPFzw EpDZEUAB/kOzY/ga26HrAlX2hXsAbHCGGuN4Z26Wg0fyd1SJKDRBzcghF5uO8cjl3aUn WlVgAIFx0GW3HuF1GMBWGe7b2H6hiZ0CjZQidPYUGQeWQ5X22WtEi9RRKIX3AQE0kB9Q YUNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1730810702; x=1731415502; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=8R6x/3mmsQhh3E2ea9HgFR5xWAC+0Rqdfia/NTztv2o=; b=FigN71rG4W0qz32aY6Y7zMJtOP4zIiYv+TWyRGSBy36h6AKdlFA5Y7k/mWHyT8WEoR DkvQaBBuhx3wqWPhfEyS6pZQkU4Uw4GavPY/WJdvkj1i+mngrqqKtGmbB2LfehO6FRxj nyB/UWdCQjANIsHtPMXwd2+Sd0VrUyLsTL1xFfppzUZ5aM17UwYElofrRltHqhIovSlO L8P+4NjdI2ERv+Uow8ThodF80BMtB603lCzldJaQPnEatmB3dpHXadfIgV7jjoZWA43s UFqF0Cy6rZ9a+w+pbFJSwoau9sBzyR9YYFtxoCnDtfxtf4tiaAegdrsiRj/F3JS83Om/ XoWA==
X-Forwarded-Encrypted: i=1; AJvYcCUk6uYHfKgVZqOuUq2VMfQo/lZ/OyO7NoD4JFw0LlbT7aGKflfcxz6k6cdI4XYFJOlvCo1TJHQme3fKwg0=@ietf.org
X-Gm-Message-State: AOJu0YzDoh6EguGynVFBDSs6AAT1N+JxW3aYUz7oHCgMDRvzM90ql7Hr o17g6ZxpkZbMG7t/GbX2PmaOTbtIHJUsZZTmuh+ip7mJccYEKDdUMn/APM4XMpjrkZB/6vTEexx 9TN4qi1/D68rg36Yea5fvILiijN0=
X-Google-Smtp-Source: AGHT+IHrCMbxO7G7XOhHVBfYzTyWaOLQUsZCazqKP6cfdnwYl6pHWxhz24ZoDGNp9BpaJAiSM3GGCBMN7bLmp5T5q0Q=
X-Received: by 2002:a17:907:9812:b0:a9a:49a8:f1fa with SMTP id a640c23a62f3a-a9e508e9870mr1721243166b.23.1730810702362; Tue, 05 Nov 2024 04:45:02 -0800 (PST)
MIME-Version: 1.0
References: <ZxgqAHVI2sZn98QW@faui48e.informatik.uni-erlangen.de> <ZyoQt4ImuRAgJ59K@faui48e.informatik.uni-erlangen.de>
In-Reply-To: <ZyoQt4ImuRAgJ59K@faui48e.informatik.uni-erlangen.de>
From: Chris Box <chris.box.ietf@gmail.com>
Date: Tue, 05 Nov 2024 12:44:49 +0000
Message-ID: <CACJ6M14gWMCgZBGiKH+7akH4+VUMeFmBomPLgRZdYAw7hJShOw@mail.gmail.com>
To: Toerless Eckert <tte@cs.fau.de>
Content-Type: multipart/alternative; boundary="000000000000167f80062629c50d"
Message-ID-Hash: W3T7B3FBWOB7ZXFP55CZ525BZJVC7PNG
X-Message-ID-Hash: W3T7B3FBWOB7ZXFP55CZ525BZJVC7PNG
X-MailFrom: chris.box.ietf@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-dnssd.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: dnssd@ietf.org, dnssd-chairs@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [dnssd] Re: DNSSD: DNS-SD discovery for BRSKI and variations
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/-2FYMjcZ71rhe0B2ZW7MbgEBJRA>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Owner: <mailto:dnssd-owner@ietf.org>
List-Post: <mailto:dnssd@ietf.org>
List-Subscribe: <mailto:dnssd-join@ietf.org>
List-Unsubscribe: <mailto:dnssd-leave@ietf.org>
Toerless, The chairs agreed that we would only grant agenda time to this topic if we heard there was interest from working group members. As of this point, we've not seen any, so the current position is that it won't be on Thursday's agenda. If any list members want to amend that position, e.g. after seeing your slides, please let us know: dnssd-chairs@ietf.org Thanks Chris On Tue, 5 Nov 2024 at 12:34, Toerless Eckert <tte@cs.fau.de> wrote: > I've proposed slides for the topic to datatracker. > > These are the same slides as i'll use for ANIMA: > > https://datatracker.ietf.org/meeting/121/materials/slides-121-anima-04-brski-discovery-00 > > except that i would of course concentrate @dnssd on the DNS-SD relevant > background, > details and questions, whereas the ANIMA presentation is focussing on the > diffs over IETF120 > draft state. (yes, sorry, slide deck reuse is not ideal...). > > Cheers > Toerless > > On Wed, Oct 23, 2024 at 12:41:04AM +0200, Toerless Eckert wrote: > > Dear DNS-SD WG > > > > I was wondering if i could bother you folks in taking a look @ and > providing > > feedback suggestions 4 our ANIMA-WG draft: > > > > https://www.ietf.org/archive/id/draft-ietf-anima-brski-discovery-05.html > > > > This should have a couple of aspects of general interest to DNS-SD > enthusiasts, but > > also some new concepts. > > > > If there is interest, i would be happy to present about it at the > IETF121 DNS-SD WG meeting. > > > > BRSKI is the IETF ANIMA secure onboarding protocol for devices, where > > for resilience and automation its highly beneficial to discover > onboarding > > servers (registrars), and in the absence of full routing also proxies > for them. > > > > If this sounds boring, consider that unfortunately several industry > groups have diffeent > > opinions about protocol details, so we have ended up in a set of > variations of the > > protocol where not necessarily all servers are compatible with all > clients. So this > > draft introduces an extensible method to indicate supported variations > so clients > > can pick the right server. More importantly, proxies can discover all > possible > > variations even future ones and create appropriate proxy announcements. > > > > Of course, we want discovery to be fast and resilient, so there is also > text about the > > details how to select the best server based on prio & weight and time > out in case it's > > not responding. And how to optimize this in the face of having to do > this as a proxy > > > > If that's not annoying enough, then there is also no consensus on what > discovery protocol > > is the best, so we have to support DNS-SD, GRASP and CORE-LF... today, > tomorrow may be > > more, and i really don't want to see specs over specs written for a full > matrix, so the > > draft also attempts to reduce this problem into a cross-discovery > mechanism IANA registry, > > so that we hopefully can easily define extensions mostly only through > additional registrations > > in that registry. Which might also be a concept for other protocols with > similar interop issues. > > > > If thats' not enough, we also needed to discover client devices (which > we call pledges) > > via DNS-SD by their serial number, so we had to define a scheme by which > we do > > that, which is also described. > > > > So, if any of this sounds like an interesting application use of DNS-SD > that you'd > > like to check out as DNS-SD folks, please do so! > > > > Cheers > > Toerless > > > > -- > --- > tte@cs.fau.de >
- [dnssd] DNSSD: DNS-SD discovery for BRSKI and var… Toerless Eckert
- [dnssd] Re: DNSSD: DNS-SD discovery for BRSKI and… Toerless Eckert
- [dnssd] Re: DNSSD: DNS-SD discovery for BRSKI and… Chris Box
- [dnssd] Re: DNSSD: DNS-SD discovery for BRSKI and… Toerless Eckert