IETF Logo Mail Archive

Re: [dnssd] draft-sullivan-dnssd-mdns-dns-interop-00

Andrew Sullivan <ajs@anvilwalrusden.com> Thu, 06 February 2014 14:04 UTC

Return-Path: <ajs@anvilwalrusden.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39AF91A010C for <dnssd@ietfa.amsl.com>; Thu, 6 Feb 2014 06:04:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.141
X-Spam-Level:
X-Spam-Status: No, score=-0.141 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_INFO=1.448, HOST_MISMATCH_NET=0.311] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7KUMQjivZmdw for <dnssd@ietfa.amsl.com>; Thu, 6 Feb 2014 06:04:16 -0800 (PST)
Received: from mx1.yitter.info (ow5p.x.rootbsd.net [208.79.81.114]) by ietfa.amsl.com (Postfix) with ESMTP id B12AC1A0105 for <dnssd@ietf.org>; Thu, 6 Feb 2014 06:04:16 -0800 (PST)
Received: from mx1.yitter.info (c-75-69-155-67.hsd1.nh.comcast.net [75.69.155.67]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.yitter.info (Postfix) with ESMTPSA id A75EF8A031 for <dnssd@ietf.org>; Thu, 6 Feb 2014 14:04:14 +0000 (UTC)
Date: Thu, 06 Feb 2014 09:04:10 -0500
From: Andrew Sullivan <ajs@anvilwalrusden.com>
To: dnssd@ietf.org
Message-ID: <20140206140409.GA60568@mx1.yitter.info>
References: <20140122222616.GN1271@mx1.yitter.info> <B1173945-F2CB-4086-A5BA-CAC44C0974D1@gmail.com> <20140123032553.GC1580@mx1.yitter.info> <779216FA-E974-4C95-A46F-DD55F6FC4F89@gmail.com> <20140124193205.GB2065@mx1.yitter.info> <BB22DC64-FA2C-4C2A-975C-8FFB41F8A0BD@gmail.com> <20140128035044.GB7975@mx1.yitter.info> <6451CD8A-1690-4C3F-B69D-65966F4B7F4B@apple.com> <20140203150707.GE12150@mx1.yitter.info> <67AC76BF-3DAF-4250-AE94-9490C331FC8C@apple.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <67AC76BF-3DAF-4250-AE94-9490C331FC8C@apple.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [dnssd] draft-sullivan-dnssd-mdns-dns-interop-00
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion of extensions to Bonjour \(mDNS and DNS-SD\) for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Feb 2014 14:04:18 -0000

On Wed, Feb 05, 2014 at 10:49:44PM -0800, Stuart Cheshire wrote:
> 
> Yes, Service Discovery libraries issue their own DNS queries, and pass through the 8-bit data they receive from the public DNS unmolested.
> 

It would probably be useful to write down advice somewhere that DNS-SD
implementations not use other resolver libraries lest those libraries
implement IDNA automatically.

> I don’t know what “junk queries” for “names that don’t exist and
> will never exist” you are talking about. If you try the Safari
> example I suggested, the Service Discovery libraries on your machine
> will issue DNS queries for rich-text service names that *do* exist
> in the public DNS. 

The Safari example you suggested doesn't have internationalized labels
in all the positions.  If you wanted to discover services underneath 
互联网中心.中国, for instance (I have no idea what that name is -- it's
an example I pulled off CNNIC's FAQ), you'd send a query to the root
for 中国, and get NXDOMAIN, so then you'd send a query to the root for
xn--fiqs8s.  Then you'd send a query to the relevant name server for 
互联网中心.xn--fiqs8s, and that would return NXDOMAIN, so you'd send a
query for xn--fiq7iq58bfy3a8bb.xn--fiqs8s, and that would return the
NS set.  And so on.

Unless what you're saying is that the way you got to be trying to
select a service beneath 互联网中心.中国 in the first place was
IDNA-using.  That is, let's suppose the search domain in the network
preferences knows that it's using IDNA (or just uses it that way
because that's what DHCP handed it.  This is an excellent question, by
the way -- the search-path handling in DNS is already a mess, and I
wonder what happens to people who try to do predictable things with it
in an IDNA context) and therefore the display is just correct.  But
since the displayed label is a U-label, and since the U-label is
UTF-8, why doesn't DNS-SD try the UTF-8 version first?  That is what
the algorithm says to do.

> I don’t know whether you mean “everywhere” in the sense of
> “everywhere geographically” or “using libraries that don’t work for
> DNS-Based Service Discovery”.

"Using ordinary system resolvers."  I have very little difficulty
imagining the case where an implementer does DNS-SD by relying on the
system resolver because DNS is 8 bit, and a system resolver that has
been ginned up to catch UTF-8 labels and turn them into A-labels
because the IETF said that's how we're handling internationalized
domain names, and therefore the whole result being unsatisfactory.
I'm not saying anyone must do that.  But it's surely our
responsibility as people who want to ensure interoperability to point
out this sharp corner.  That's all I was trying to do in the first
place.

Best regards,

A

-- 
Andrew Sullivan
ajs@anvilwalrusden.com

v2.23.0 | Report a Bug | By Email