Re: [Doh] [Ext] Re: Use cases and URLs

Patrick McManus <pmcmanus@mozilla.com> Wed, 07 March 2018 21:11 UTC

From: Patrick McManus <pmcmanus@mozilla.com>
Date: Wed, 7 Mar 2018 16:11:01 -0500
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: Adam Roach <adam@nostrum.com>, "doh@ietf.org" <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/2HHeHlvQQW35mnAkCGTOoQ3TBO8>
Subject: Re: [Doh] [Ext] Re: Use cases and URLs

On Wed, Mar 7, 2018 at 12:28 AM, Paul Hoffman <paul.hoffman@icann.org>
wrote:

> On Mar 6, 2018, at 20:04, Adam Roach <adam@nostrum.com> wrote:
> >
> > Can you elaborate on this a bit? I fully expect that the typical
> user-self-provisioning case will involve copy/pasting server information,
> in which case the difference between a server and a URL is pretty minimal.
> Do you expect users to type server names in rather than copying them?
>
> Yes, exactly. If someone tells you that your bank runs this secure DNS
> server, that’s verbal, not copy and paste.
>
I don't agree with this.

It's logically an argument for not even using hostnames. The minimal
information in your example is your bank - so just assume www.BANK.com.
That's certainly easier to convey though it has some obvious shortcomings.

But even if you argue hostname is the goldilocks of granularity, the DNS
resolver market has already shown that it's not rich enough. Note that
quad-9 offers both 9.9.9.9 and 9.9.9.10 and that .10 is not simply a
secondary for .9 but it's a different service with different policies and
different results. But because the configuration scheme of traditional DNS
is so coarse they needed to burn IPv4 addresses just to convey
configuration information. Your suggestion uplevels that from 1 address to
1 hostname but the fundamental problem remains.

Lastly, we want this work to be consistent with the BCP56bis work which
explicitly talks about Initial URLs in 4.4.1. It says arbitrary URLs should
be used unless they are not practical. I would say if there were no
configuration at all we could talk about whether or not they were
impractical, but in the cases that are in scope we're definitely talking
about configuration.

-P