Re: [dnssd] WGLC on draft-ietf-dnssd-mdns-dns-interop-02

Dave Thaler <dthaler@microsoft.com> Sat, 02 April 2016 23:45 UTC

Return-Path: <dthaler@microsoft.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A784612D5A5 for <dnssd@ietfa.amsl.com>; Sat, 2 Apr 2016 16:45:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.002
X-Spam-Level:
X-Spam-Status: No, score=-102.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GmDksRKjgY4j for <dnssd@ietfa.amsl.com>; Sat, 2 Apr 2016 16:45:12 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0757.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::1:757]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C47712D59A for <dnssd@ietf.org>; Sat, 2 Apr 2016 16:45:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=r1chm02CcMAbrLkg7iBAA/f1DIWtyzr6yCEBqqygzhA=; b=MZD7TO5s7X7Cen+UT/tGGAA7XovsLDWnNXmUuxQ+YFoNuvE9Lsq2WpTcb0gS4nqwrWVWMI3i3a3yJJT3LR+Ks1n65ZhiLK+Ib92jAoIsP3LyZn/yQO1Wbzp6t7/J1wV21SDD4AFQQOMeYm9S19UAxqQ1msREn+DwZL+mrRM6Xkk=
Received: from DM2PR0301MB0717.namprd03.prod.outlook.com (10.160.97.13) by DM2PR0301MB0718.namprd03.prod.outlook.com (10.160.97.139) with Microsoft SMTP Server (TLS) id 15.1.447.15; Sat, 2 Apr 2016 23:44:51 +0000
Received: from DM2PR0301MB0717.namprd03.prod.outlook.com ([10.160.97.13]) by DM2PR0301MB0717.namprd03.prod.outlook.com ([10.160.97.13]) with mapi id 15.01.0447.025; Sat, 2 Apr 2016 23:44:51 +0000
From: Dave Thaler <dthaler@microsoft.com>
To: Tim Chown <tjc@ecs.soton.ac.uk>, "dnssd@ietf.org" <dnssd@ietf.org>, "asullivan@dyn.com" <asullivan@dyn.com>
Thread-Topic: [dnssd] WGLC on draft-ietf-dnssd-mdns-dns-interop-02
Thread-Index: AQHRjNq303NCp289Sk2ooC58ijO+r593VUPw
Date: Sat, 2 Apr 2016 23:44:51 +0000
Message-ID: <DM2PR0301MB07175BA40FB7623216DE6FE4A39B0@DM2PR0301MB0717.namprd03.prod.outlook.com>
References: <E5BEE9A6-3719-4A09-998B-1A583B4D1342@ecs.soton.ac.uk> <1C777AF5-0406-44A2-B2BC-30673E8B5ADB@ecs.soton.ac.uk> <EMEW3|7e690cd33b6c76dcc010b72a8c2a5c1cs31DP503tjc|ecs.soton.ac.uk|1C777AF5-0406-44A2-B2BC-30673E8B5ADB@ecs.soton.ac.uk>
In-Reply-To: <EMEW3|7e690cd33b6c76dcc010b72a8c2a5c1cs31DP503tjc|ecs.soton.ac.uk|1C777AF5-0406-44A2-B2BC-30673E8B5ADB@ecs.soton.ac.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ecs.soton.ac.uk; dkim=none (message not signed) header.d=none;ecs.soton.ac.uk; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [12.130.117.210]
x-ms-office365-filtering-correlation-id: 0a354f89-62ef-4623-a8ec-08d35b50c8de
x-microsoft-exchange-diagnostics: 1; DM2PR0301MB0718; 5:vmqzepnlPlDtdlaTi2dBO2yypre5reKeM0Jeu0xfKOl9SiDf0OU0YVKNBVv5rHpPzSQO94d8s2Cr4dR36XbSAwROgilXeWfd3W1EI+9hsnlLrpmSndNS+X2umB9N0mMSkhQjXLnO6uncx6QEvnGevg==; 24:IaSR2YDc9ArPqmT9SN+ZCeqJHxoszugX52P0sCwbFLpzSyl2uC/VnBxslIY5bdjNpdUdOkJl9/dgl7jc9xdCqC+ZgF56ziHB6BqDF4wcH4k=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DM2PR0301MB0718;
x-microsoft-antispam-prvs: <DM2PR0301MB07185C2D04DFA7A0BA50D9C7A39B0@DM2PR0301MB0718.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(61426038)(61427038); SRVR:DM2PR0301MB0718; BCL:0; PCL:0; RULEID:; SRVR:DM2PR0301MB0718;
x-forefront-prvs: 09007040D4
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(24454002)(164054003)(377454003)(51694002)(92566002)(3280700002)(74316001)(1096002)(1220700001)(10290500002)(586003)(3846002)(5008740100001)(6116002)(102836003)(2906002)(10400500002)(31430400001)(2501003)(5005710100001)(3660700001)(19580405001)(19580395003)(33656002)(5001770100001)(107886002)(81166005)(77096005)(2900100001)(2201001)(15975445007)(5003600100002)(11100500001)(76576001)(189998001)(106116001)(10090500001)(99286002)(50986999)(86362001)(76176999)(54356999)(230783001)(5004730100002)(66066001)(122556002)(86612001)(2950100001)(5002640100001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR0301MB0718; H:DM2PR0301MB0717.namprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Apr 2016 23:44:51.3512 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR0301MB0718
Archived-At: <http://mailarchive.ietf.org/arch/msg/dnssd/RgO4QwPYkx5kZ5EHTwWvc9kPd_M>
Subject: Re: [dnssd] WGLC on draft-ietf-dnssd-mdns-dns-interop-02
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Discussion of extensions to Bonjour \(mDNS and DNS-SD\) for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Apr 2016 23:45:15 -0000

I think the draft needs some editorial clarifications before it is ready to ship.

Section 1:
> Conventional use of
> the DNS generally follows the host name rules [RFC0952] for labels --
> the so-called LDH rule 

I’m not sure I agree with this phrasing.  See https://wiki.tools.ietf.org/html/rfc6055#section-3 

Perhaps replace sentence with:
    Many applications and resource record types follow the “Internet hostname"
    syntax [RFC0952] for labels – the so-called LDH rule.

> It is worth noting that the LDH rule is a convention,
> and not a rule of the DNS; this is made entirely plain by [RFC2181],
> section 11 .

Suggest appending
“and discussed further in [RFC6055], section 3.”

> Users of  applications are, of course, frequently unconcerned with
> (not to say oblivious to) the name-resolution system(s) in service at
> any given moment, and are inclined simply to use the same domain
> names in different contexts.

Suggest
s/Users of/Users and developers of/
(for rationale for this change, see discussion of figure 2 of RFC 6055)

> If DNS-SD is
> to be used in an environment where multiple resolution systems (such
> as mDNS and DNS) are to be queried for services, then some parts of
> the domain names to be queried will need to be compatible with the
> rules and conventions for all  the relevant technologies.

I don’t follow.   The point of RFC 6055 is that the encoding should be
handled by the name resolution provider (mapping to DNS or to mDNS
or hosts file or whatever else) not by the application.   So which layer
is this talking about?

Section 1.1:
> In practice, applications
> sometimes intercept labels that do not conform to the LDH rule and
> apply IDNA  and other transformations.

Unfortunately this is true, which is what causes many problems that led
to writing RFC 6055 to recommend that applications (as opposed to name
resolution libraries) stop doing so.   No change needed here I think, just
wanted to say I agree that's a problem.  :)

Section 2:
> will perform the U-label/A-label transformation automatically, saving
> applications from these details.  If this were the main problem,

Performing transformations automatically is not a problem, it's a solution.
I think the problem you're trying to point out is if they do the transformation
incorrectly.  E.g., if they do so without taking the protocol or the naming
context into account as discussed in RFC 6055.   Need to reword to clarify
what the problem is and isn't.

Section 3:
> and transmit labels as UTF-8 in the DNS is likely either to encounter
> problems or  result in unnecessary traffic to the public DNS (or

Grammar: either insert “to” before "result", or change “either to” to “to either”

> In particular, many labels in the <Domain> part of a Service
> Instance Name is  unlikely to be found in its UTF-8 form in the public

Grammar: “labels … is .. its”.  Perhaps “labels … are .. .their”?

> U-labels cannot contain upper case letters.   

Suggest citing [RFC5894] sections 3.1.3 and 4.2.

Section 4.1:
> The first way would be to treat this portion as likely to be
>   intercepted by system-wide IDNA-aware resolvers ,

What do you mean by "system-wide IDNA-aware resolver" here?
One unaware of which protocol will be used to resolve and in which naming context?
Clarify.

>   Instead, DNS-SD implementations can intercept the <Instance> portion
>   of a Service Instance Name and ensure that those labels are never
>   handed to IDNA-aware resolvers that might attempt to convert these
>   labels into A-labels .  

Either I’m confused (which is certainly possible, but would then imply the document
could be better worded for dummies), or neither approach in this document is
consistent with RFC 6055 recommendations.

Section 4.3:
> More important, operators of internationalized domain names will
> frequently publish such names in the  DNS as A-labels

For clarity it would be best to add “public” before "DNS".
This shouldn’t change the meaning since the sentence already says “frequently” so isn’t an absolute.

> DNS-SD implementations ought
>   to identify the <Domain> portion of the Service Instance Name and
>   treat it subject to IDNA2008 in case the domain is to be queried from
>   the global DNS .

If the “DNS-SD implementation” falls into either the “app” category or the “name resolution API”
category of figure 2 of RFC 6055, then I think this text seems to imply what I would consider bad
design (not how we would implement it).  Instead I think the DNS, mDNS, etc components 
should all do the correct transformation.   But RFC 6055 just recommends that it be done by 
some layer that knows both the protocol & the naming context, which could be the protocol layer
or could be the naming API layer, but to me having to change the naming API layer to be protocol-aware
seems architecturally bad.   So I think the confusing is perhaps around the term 
“DNS-SD implementations” which could use some elaboration, or at least rewording for consistency
with RFC 6055.

Dave

From: dnssd [mailto:dnssd-bounces@ietf.org] On Behalf Of Tim Chown
Sent: Saturday, April 2, 2016 5:25 AM
To: dnssd@ietf.org
Subject: Re: [dnssd] WGLC on draft-ietf-dnssd-mdns-dns-interop-02

Hi,

Ralph and I will take further comments to the list in advance of the dnssd meeting on Monday.

Comments of the form ‘this is ready to ship’ are also very useful.

Tim

On 17 Mar 2016, at 22:39, Tim Chown <tjc@ecs.soton.ac.uk> wrote:

Dear dnssd WG participants,
We are initiating a WG Last Call today on draft-ietf-dnssd-mdns-dns-interop-02, as can be found at https://tools.ietf.org/html/draft-ietf-dnssd-mdns-dns-interop-02.

The call runs for two weeks, and will thus close on Thursday 31st March.

Please send any comments (including indications of support for progression of the document as is) to the dnssd@ietf.org list. This draft will not be advanced for publication unless there is sufficient response and support from the WG.  And, of course, any substantive comments on the draft are strongly encouraged as well. 

We will discuss the comments arising from the WGLC in the WG meeting in BA on Monday 4th April.

Abstract

   Despite its name, DNS-Based Service Discovery can use naming systems
   other than the Domain Name System when looking for services.
   Moreover, when it uses the DNS, DNS-Based Service Discovery uses the
   full capability of DNS, rather than using a subset of available
   octets.  In order for DNS-SD to be used effectively in environments
   where multiple different name systems and conventions for their
   operation are in use, it is important to attend to differences in the
   underlying technology and operational environment.  This memo
   presents an outline of the requirements for selection of labels for
   conventional DNS and other resolution systems when they are expected
   to interoperate in this manner.


Thanks,

Ralph and Tim
dnssd WG co-chairs