Re: [dnssd] draft-sctl-service-registration call for adoption

Ted Lemon <mellon@fugue.com> Thu, 19 July 2018 19:19 UTC

From: Ted Lemon <mellon@fugue.com>
Date: Thu, 19 Jul 2018 15:19:04 -0400
Message-ID: <CAPt1N1=mTGtGdq6=F+K_8eEiShFj+8fVACR4ZU=HysvJpM1VNA@mail.gmail.com>
To: Toke Høiland-Jørgensen <toke@toke.dk>
Cc: Tom Pusateri <pusateri@bangj.com>, dnssd <dnssd@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnssd/lkh00xRHwH0C69Vwc2odc_qPisA>

Sure, but there are privacy implications to that approach.

On Thu, Jul 19, 2018 at 3:18 PM Toke Høiland-Jørgensen <toke@toke.dk> wrote:

> Ted Lemon <mellon@fugue.com> writes:
>
> > You actually talked in your presentation on the charter about an SRP
> > relay. I think that is a good approach for Toke's use case.
>
> I disagree. I don't want to run a relay.
>
> > I don't think there is any way to do service registration across
> > administrative boundaries without some kind of trust mechanism of this
> > sort.
>
> Sure there is: source address validation.
>
> Say I run a dyndns service at dyndns.example.org. I provide an admin
> interface where someone can register and pick a subdomain, say
> myhome.dyndns.example.org, and register their IPv6 prefix. I then
> configure my registration server to accept updates from that v6 prefix
> for subdomains of myhome.dyndns.example.org on a TOFU basis. All the
> user then has to do is add regserver.dyndns.example.org as their
> _dns-update._tcp.myhome.dyndns.example.org SRV record on their home
> network, and presto, all their devices can now register themselves in
> global DNS.
>
> -Toke
>
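
The acceptance rule described in the quoted message (updates accepted from a registered IPv6 prefix, for names under the registered subdomain, on a TOFU basis), sketched as an added example that is not part of either message and not code from the draft or any SRP implementation. The class and method names, the documentation prefix, and the reading of "TOFU" as pinning the first key fingerprint seen for each name are assumptions.

```python
import ipaddress


class RegistrationPolicy:
    """Constructed illustration: prefix check + whole-label zone match + TOFU pin."""

    def __init__(self):
        self._delegations = {}  # zone name -> IPv6Network registered by the user
        self._pinned = {}       # hostname -> key fingerprint first seen (assumed TOFU)

    def delegate(self, zone, prefix):
        self._delegations[zone.lower().rstrip(".")] = ipaddress.IPv6Network(prefix)

    def _zone_for(self, name):
        # Compare whole labels, so "xmyhome.dyndns.example.org" is never
        # treated as a subdomain of "myhome.dyndns.example.org".
        labels = name.split(".")
        for i in range(1, len(labels)):
            zone = ".".join(labels[i:])
            if zone in self._delegations:
                return zone
        return None

    def check_update(self, source, name, key_fp):
        name = name.lower().rstrip(".")
        zone = self._zone_for(name)
        if zone is None:
            return "refuse: name not under a delegated subdomain"
        try:
            addr = ipaddress.IPv6Address(source)
        except ValueError:
            return "refuse: source is not an IPv6 address"
        if addr not in self._delegations[zone]:
            return "refuse: source outside registered prefix"
        # Pin only after the address and name checks have passed.
        if self._pinned.setdefault(name, key_fp) != key_fp:
            return "refuse: name already claimed by another key"
        return "accept"


def demo():
    # Constructed sample data: 2001:db8::/32 is the IPv6 documentation range.
    policy = RegistrationPolicy()
    policy.delegate("myhome.dyndns.example.org", "2001:db8:1234::/48")
    host = "printer.myhome.dyndns.example.org"
    return [
        policy.check_update("2001:db8:1234:1::10", host, "fp-A"),
        policy.check_update("2001:db8:1234:2::20", host, "fp-B"),
        policy.check_update("2001:db8:ffff::1", host, "fp-A"),
    ]
```

The source address seen by the server is only as trustworthy as the transport: over TCP it reflects a completed handshake, which is the property this check relies on.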