Re: [Doh] [Ext] Reviewing Resolver-Associated DOH
Martin J. Dürst <duerst@it.aoyama.ac.jp> Sun, 17 March 2019 23:25 UTC
From: "Martin J. Dürst" <duerst@it.aoyama.ac.jp>
To: Paul Hoffman <paul.hoffman@icann.org>, DoH WG <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/Acr44D5gTY-cWpZq5cw2KFZ4Wmk>

On 2019/03/17 01:04, Paul Hoffman wrote:
> On Mar 16, 2019, at 8:51 AM, nusenu <nusenu-lists@riseup.net> wrote:
>> Hewitt, Rory wrote:
>>> As with all /.well-known/ endpoints, the issue is both
>>> standardization and publicization. AIUI, @mnot's original ideal would
>>> be to have /.well-known/ be pretty 'generic'. Therefore I'm not a fan
>>> of "/doh-servers-associated/" - I'd much rather see "/dns/doh/",
>>> which would enable other (future) DNS-related functionality to have a
>>> sub-folder within "/.well-known/dns/". If that's not a possibility,
>>> what about "/.well-known/dns-doh/"?
>>
>> +1
>>
>> I find these suggested .well-known URLs clearer than "doh-servers-associated".
>
> I'm generally against this idea for two reasons:
>
> - No one will see this URL other than software developers and operators watching their logs. They will not be visible to users.
>
> - Layered spaces under a .well-known/ are possible but I don't think they are well-understood.

I very much agree. It could make things more complicated for IANA, and it could make things more complicated for server administrators. Even if the additional level of complexity is minimal in many cases, it may not be in others.

I'm not against including the three-letter acronym 'dns' in the string somehow; that may help administrators who look at .well-known a while after somebody got that folder set up.

Regards, Martin.