Re: [dnssd] Strategy of advertising proxy for hostname conflicts during key lease period? (draft-ietf-dnssd-advertising-proxy-00)

Ted Lemon <mellon@fugue.com> Wed, 08 June 2022 18:45 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/W3-NIx1u9H8RPg4l4NnHlxQhny8>

You are correct. Fortunately, we always have a KEY record that we can
publish on the owner name. This is what the advertising proxy should do to
defend the name. If some non-SRP service tries to register the name, it
will get a hostname conflict.

On Wed, Jun 8, 2022 at 9:36 AM Esko Dijk <esko.dijk@iotconsultancy.nl>
wrote:

> Hi all,
>
> Something that could be added to draft-ietf-dnssd-advertising-proxy-00 is
> the handling of hostname conflicts, and how an advertising proxy would
> “defend” an SRP registration on the mDNS link side. (There was a previous
> thread on this too.)
>
> In particular, what if a host registration has already expired but the
> key-lease is still active? In SRP, no one else can then claim this
> hostname. But in mDNS, we don’t seem to have such a mechanism, i.e. the
> advertising proxy doesn’t “defend” the hostname registration on the mDNS
> link. Or does it?
>
> So it could happen that this hostname is claimed on the mDNS side by an
> mDNS native device, even though a particular SRP client still has the
> key-lease on this name.
>
> The original name owner (SRP client) could later come back online and it
> may need to claim the name again – conflicting with the mDNS link.
>
> Best regards
>
> Esko
>
> *IoTconsultancy.nl*  |  Email/Teams: esko.dijk@iotconsultancy.nl    |
> +31 6 2385 8339
>
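
The following is an added illustration, not part of either message and not code from the draft or any SRP implementation. It models the gap raised in the quoted question (host lease expired, key lease still active) and the reply's suggestion of publishing a KEY record on the owner name. The class and function names, the sample lease values, and the choice to publish the KEY for the whole key-lease period are assumptions made for the example.

```python
from dataclasses import dataclass

@dataclass
class SrpRegistration:
    hostname: str
    registered_at: int  # seconds on a constructed clock
    lease: int          # host lease: address records are valid this long
    key_lease: int      # key lease: name stays reserved for the key this long

def records_advertised(reg, now, defend_with_key):
    """Record types the proxy publishes on the mDNS link for reg.hostname."""
    age = now - reg.registered_at
    if age < 0 or age >= reg.key_lease:
        return set()                 # not registered yet, or name fully released
    if age < reg.lease:
        records = {"AAAA"}           # host registration still live
        if defend_with_key:
            records.add("KEY")       # assumption: KEY published throughout
        return records
    # Host lease expired, key lease still running: the window in question.
    return {"KEY"} if defend_with_key else set()

def native_probe_result(reg, now, defend_with_key):
    """Outcome for an mDNS-native host probing for reg.hostname at `now`.

    Modelled as: any record the proxy holds on the owner name makes the
    probe fail with a conflict; otherwise the native host takes the name.
    """
    held = records_advertised(reg, now, defend_with_key)
    return "conflict" if held else "claimed"

# Constructed sample: 1-hour host lease, 7-day key lease.
REG = SrpRegistration("sensor.local", registered_at=0,
                      lease=3600, key_lease=7 * 24 * 3600)

def timeline(reg, defend_with_key):
    """Probe outcome during the lease, in the key-lease-only window, and after."""
    checkpoints = (reg.lease // 2, reg.lease * 2, reg.key_lease)
    return [native_probe_result(reg, reg.registered_at + t, defend_with_key)
            for t in checkpoints]

if __name__ == "__main__":
    print("no KEY defence :", timeline(REG, defend_with_key=False))
    print("KEY on the name:", timeline(REG, defend_with_key=True))
```
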