Re: [dnssd] draft-sctl-service-registration call for adoption

Toke Høiland-Jørgensen <> Thu, 19 July 2018 19:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 069D7130E8B for <>; Thu, 19 Jul 2018 12:18:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ZUddYWfgLy8u for <>; Thu, 19 Jul 2018 12:18:16 -0700 (PDT)
Received: from ( [IPv6:2001:470:dc45:1000::1]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 74A5C130DC6 for <>; Thu, 19 Jul 2018 12:18:16 -0700 (PDT)
From: Toke =?utf-8?Q?H=C3=B8iland-J=C3=B8rgensen?= <>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=20161023; t=1532027894; bh=SiFPprHdhAMhFvTb/pKw059uXhxFROqrQNeyMpeLLKI=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=OenRk7/g3jlareIndSeYzlgh5Dn62h18D2gCoqGy6Cl3mePadFWsZmILPiskan/5O kKg8QovjsIQUzWGKWPNCMOq2sOqj16sd/uBPdLtN7m/lY5TtHjSYfGSwK5JMUxiWdu YNnJILvfCoXp2oTIwrac3XONc+Ti05FNSogJg4x/NpU2dssH5iPZ28Aw2xKS3bKaLB JzFOK6a/iGMmbZAX6F4IQPWTpUzPnFnibROXndvBKIoz1oOEKhO/coGtagXRruCBFb sq+ieHmFZdRSkQAOvO6aA8NBIUudtHKyTOqlag5dZIy9WVdGIcAR5sL3/TBwW8lHkk rPMpcJSI7qgYA==
To: Ted Lemon <>, Tom Pusateri <>
Cc: dnssd <>
In-Reply-To: <>
References: <> <> <> <> <>
Date: Thu, 19 Jul 2018 21:18:06 +0200
X-Clacks-Overhead: GNU Terry Pratchett
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <>
Subject: Re: [dnssd] draft-sctl-service-registration call for adoption
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "Discussion of extensions to DNS-based service discovery for routed networks." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 19 Jul 2018 19:18:20 -0000

Ted Lemon <> writes:

> You actually talked in your presentation on the charter about an SRP
> relay. I think that is a good approach for Toke's use case.

I disagree. I don't want to run a relay.

> I don't think there is any way to do service registration across
> administrative boundaries without some kind of trust mechanism of this
> sort.

Sure there is: source address validation.

Say I run a dyndns service at I provide an admin
interface where someone can register and pick a subdomain, say, and register their IPv6 prefix. I then
configure my registration server to accept updates from that v6 prefix
for subdomains of on a TOFU basis. All the
user then has to do is add as their SRV record on their home
network, and presto, all their devices can now register themselves in
global DNS.