Re: [dnssd] I-D Action: draft-ietf-dnssd-srp-23.txt

Alexander Clouter <alex+ietf@coremem.com> Tue, 03 October 2023 13:48 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/7PDQYdQFwzwDT8pqNVxV5DB38gY>

On Fri, 4 Aug 2023, at 23:37, internet-drafts@ietf.org wrote:
>    Title           : Service Registration Protocol for DNS-Based Service Discovery
>    Authors         : Ted Lemon
>                      Stuart Cheshire
>    Filename        : draft-ietf-dnssd-srp-23.txt
>    Pages           : 40
>    Date            : 2023-08-04

Late to the party and tried searching the list archives, but 'TTL' in a DNS archive naturally steers you to the wrong kind of TTL.

Apologies if this was already thrashed out.

> Section 6.1 -  Source Validation
>
> [snipped]
>
> For example, a stub router [I-D.ietf-snac-simple] for a constrained network might only accept UDP updates from source addresses known to be on-link on that stub network, ...

An IP header TTL of 255 can also provide proof of being on-link where the registrar verifies if the received TTL is 255; this technique is described in RFC 5082.

Cheers
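
The TTL check suggested in the message above (RFC 5082, GTSM), sketched as an added example; it is not code from the original post or from the SRP draft. It assumes Linux socket options (`IP_RECVTTL`, with the TTL delivered as an `IP_TTL` control message), and all function names are hypothetical.

```python
import socket
import struct

GTSM_TTL = 255  # RFC 5082: every router hop decrements TTL, so 255 on arrival means no hop

def open_listener(addr="127.0.0.1", port=0):
    """Receiver: UDP socket that asks the kernel to report each datagram's TTL."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_RECVTTL, 1)
    s.bind((addr, port))
    return s

def received_ttl(ancdata):
    """Pull the IPv4 TTL or IPv6 Hop Limit out of recvmsg() ancillary data."""
    wanted = ((socket.IPPROTO_IP, socket.IP_TTL),
              (socket.IPPROTO_IPV6, socket.IPV6_HOPLIMIT))
    for level, ctype, data in ancdata:
        if (level, ctype) in wanted and len(data) >= 4:
            return struct.unpack("i", data[:4])[0]
    return None

def is_on_link(ancdata):
    """Fail closed: a missing TTL is treated the same as a low one."""
    return received_ttl(ancdata) == GTSM_TTL

def recv_if_on_link(sock, bufsize=1500):
    """Return (payload, peer) for a datagram that passes the check, else None."""
    data, ancdata, _flags, peer = sock.recvmsg(bufsize, socket.CMSG_SPACE(4))
    if not is_on_link(ancdata):
        return None  # crossed at least one router, or TTL not reported: drop
    return data, peer

def send_update(dest, payload, ttl=GTSM_TTL):
    """Sender: must set TTL 255 explicitly, since OS defaults are lower (commonly 64)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
        c.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, ttl)
        c.sendto(payload, dest)

if __name__ == "__main__":
    # Constructed loopback demo: one datagram sent with TTL 255, one with TTL 64.
    srv = open_listener()
    srv.settimeout(2)
    for ttl in (255, 64):
        send_update(srv.getsockname(), b"constructed-update", ttl)
        print(ttl, "accepted" if recv_if_on_link(srv) else "dropped")
```

The check only works when both sides take part: a client that leaves the TTL at its default is dropped even when it is on-link.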