Re: [dnssd] Adoption call for draft-sctl-advertising-proxy
Ted Lemon <mellon@fugue.com> Tue, 17 August 2021 22:46 UTC
Return-Path: <mellon@fugue.com>
X-Original-To: dnssd@ietfa.amsl.com
Delivered-To: dnssd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97C273A0DB3 for <dnssd@ietfa.amsl.com>; Tue, 17 Aug 2021 15:46:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hWWxp6GgzwgR for <dnssd@ietfa.amsl.com>; Tue, 17 Aug 2021 15:46:24 -0700 (PDT)
Received: from mail-oi1-x235.google.com (mail-oi1-x235.google.com [IPv6:2607:f8b0:4864:20::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3FA93A0DBA for <dnssd@ietf.org>; Tue, 17 Aug 2021 15:46:23 -0700 (PDT)
Received: by mail-oi1-x235.google.com with SMTP id u25so1585895oiv.5 for <dnssd@ietf.org>; Tue, 17 Aug 2021 15:46:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=VoKLKmaJbGhNlegbseMm3oYNps4VUCWfbFjLG6/68a4=; b=QfxYB2BmsBs34TUdQvDJiSeCg1RxQq+UEY2GYSEOT78OSM9fA6wbiPNwmdhsVGkbfP d+KXwMFQwTHDxcPfmjSEbOBXTjtLd+e2NRwFDvSuoPd/h3qpX6DTSCPqNF/CEZQZslf6 BNrifNRAAEl9VOuTgyInW0QVWkjivMPsQw/cQJOt2XYIZ97eMnWrLvb7USdTEyouowfD K/11jDoffp1Nv4DelyLiuSeSw9VBy8j9E0/VJ4FQwoT3TOQeWIsZbINoZlmkojXsgZfM 8GUFBW5+u4lLJq2n3lKfTg8fNeyoLKY2o1FdvBDBG/g3xclEzWeVG7+UNbzpiEnJJvcI DdEA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=VoKLKmaJbGhNlegbseMm3oYNps4VUCWfbFjLG6/68a4=; b=WJJKEdQYDCA9jOxdfjXQiPnSUK05xdD+hwQ6vZtGZr1VYXNH3VGwQbHsOjfiddyHIb Z1DhcE4uOvCoBwbKcDiN0tfEiYKhFxy/jT0XQjj4JPPNIkWNT1pHx1Rh342c1o7/6/vZ xxdX0o9afiR74uRL8lM82+shkA+B+zeUg8hfIghe1PR1y0em1wy0oGryc88ii73zHRzD 1IGshipN7UOVxkMdtT1Yg9bumJASKW1CXS3bgGeQUFxkzNaeGDWeuYnFOzn+zOocS1df P1fRvu0JzoJSFObmF7w51gcuSda6keh7MR6V9krkN3QIGQsFOw8xv4ZFWO9zBWbLnJrJ zGQw==
X-Gm-Message-State: AOAM531178oSpxDiWVp1NX8GdyFCFq6ufF+FS7e41eymyRFEOqnKlY+h CfNzevnXEIr+3KUBpynPXvMlmB+zneo14H0bhye1NA==
X-Google-Smtp-Source: ABdhPJyGRjPBKx4tucTPBirGrTFbrdb4DAhWiCKur5A4n8tH0k/xZRfljIAQI0n8RQPRcHwe8sSnxwwQMQQ2Dqqja20=
X-Received: by 2002:aca:2b05:: with SMTP id i5mr4406138oik.55.1629240381002; Tue, 17 Aug 2021 15:46:21 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Tue, 17 Aug 2021 15:46:20 -0700
From: Ted Lemon <mellon@fugue.com>
In-Reply-To: <CANLjSvV45ki5ZjGut62uJTtyJ8+J8AwXcPKNMUTimDUoga5qkA@mail.gmail.com>
References: <CADPZrgTu8QeR=yAM+9w0zDJ45Uz7Lgs12-6PKzutTW_p1RkA4Q@mail.gmail.com> <CAPt1N1=NgRRVnD1L_dJ_mZYuE5ReXOv0sK_cL6RcjcmpdQZOYg@mail.gmail.com> <CANLjSvV45ki5ZjGut62uJTtyJ8+J8AwXcPKNMUTimDUoga5qkA@mail.gmail.com>
MIME-Version: 1.0
Date: Tue, 17 Aug 2021 15:46:20 -0700
Message-ID: <CAPt1N1myE-01aNhTS69OU4Xr+6dhfyzZCXO_Piov2LFpjbNsNw@mail.gmail.com>
To: Lanlan Pan <abbypan@gmail.com>
Cc: Simon Lin <simonlin=40google.com@dmarc.ietf.org>, dnssd <dnssd@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002a084205c9c91695"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/h1veaZ5XC7nsauMyXK5UzgWqMWg>
Subject: Re: [dnssd] Adoption call for draft-sctl-advertising-proxy
X-BeenThere: dnssd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <dnssd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnssd>, <mailto:dnssd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnssd/>
List-Post: <mailto:dnssd@ietf.org>
List-Help: <mailto:dnssd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnssd>, <mailto:dnssd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Aug 2021 22:46:27 -0000
On August 17, 2021 at 10:33:00 AM, Lanlan Pan (abbypan@gmail.com) wrote: I don't think dnssd-zone-discover helps with this. I think the client needs to either unregister itself with SRP before migrating, or follow the same protocol I mentioned earlier with respect to its service advertisement: advertise without asserting uniqueness. +1, advertise without asserting uniqueness. To join in a Thread zone, srp client should be authenticated through J-PAKE or other protocols. the srp client only its own the srp server, the srp server can only ensure the uniqueness in its zone, but not asserting the uniqueness with other zones. If srp client migrating to a mdns client, just follow the mdns conflicts policy. Actually that's not really an issue we address. Yes, on a network like Thread, the commissioning process guarantees that the client has the right to connect, but it doesn't guarantee a unique hostname. Some other part of the onboarding process might do that, or might not, but SRP doesn't really pay attention to that. Rather, devices are expected to have a unique public/private key pair that's used to claim the name, and conflicts are detected by noticing that the client making a claim to a name has signed their claim with the wrong key (wrong meaning not the key that was used last time). And then that client doesn't get the name. This is FCFS naming. As long as there is a single SRP namespace, it's fine for it to span more than one network link, because the FCFS naming process ensures that there will be no duplicate names. If a device moves from Thread to WiFi, we want it to keep the same name. The problem is that mDNS currently lacks the capability to defend names using FCFS, and so when this roaming occurs, if there is an overlap between the lifetime of the SRP registration and the lifetime of the mDNS advertisement, we need a strategy for dealing with that. The strategy I'm proposing is that we allow the conflict to exist, and let the application figure out which information to use. Ultimately though we want WiFi clients to use SRP, with FCFS naming, and that solves the problem. We could do what the Discovery Proxy does and give each link its own name, but I didn't suggest going that route because I think it's confusing. Is a device with the same name in a different domain the same device that's moved to a different network, or a different device? The application still has to figure this out, so we haven't gained anything. Additionally, the app needs to do more work, because now it has to have a list of domains to query (or the API for finding names has to know to query multiple domains). Also, with that model, when a device roams to a new link, until it's discovered to have roamed, there is no name the app can use to immediately reference the device, because now the name changes from link to link. So the app has to always be doing discovery just to find the device when it roams, even if it isn't interested in other devices that have the same service type. So that's why I tend to prefer the model where we do our best to avoid conflicts, but when we have duplicate information, we allow it to coexist. The app should be able to fairly easily figure out which information to use, and the period of coexistence should be brief, so if there is a cost to disambiguating, it will be paid only infrequently.
- [dnssd] Adoption call for draft-sctl-advertising-… Kangping Dong
- Re: [dnssd] Adoption call for draft-sctl-advertis… Martin Turon
- Re: [dnssd] Adoption call for draft-sctl-advertis… Ted Lemon
- Re: [dnssd] Adoption call for draft-sctl-advertis… Simon Lin
- Re: [dnssd] Adoption call for draft-sctl-advertis… Jonathan Hui
- Re: [dnssd] Adoption call for draft-sctl-advertis… Simon Lin
- Re: [dnssd] Adoption call for draft-sctl-advertis… Ted Lemon
- Re: [dnssd] Adoption call for draft-sctl-advertis… Jonathan Hui
- Re: [dnssd] Adoption call for draft-sctl-advertis… Ted Lemon
- Re: [dnssd] Adoption call for draft-sctl-advertis… Saurabh Kumar
- Re: [dnssd] Adoption call for draft-sctl-advertis… Jonathan Hui
- Re: [dnssd] Adoption call for draft-sctl-advertis… Ted Lemon
- Re: [dnssd] Adoption call for draft-sctl-advertis… Simon Lin
- Re: [dnssd] Adoption call for draft-sctl-advertis… mellon
- Re: [dnssd] Adoption call for draft-sctl-advertis… Simon Lin
- Re: [dnssd] Adoption call for draft-sctl-advertis… Jonathan Hui
- Re: [dnssd] Adoption call for draft-sctl-advertis… Lanlan Pan
- Re: [dnssd] Adoption call for draft-sctl-advertis… Ted Lemon
- Re: [dnssd] Adoption call for draft-sctl-advertis… Lanlan Pan