Re: [Doh] POST and GET

bert hubert <bert.hubert@powerdns.com> Tue, 18 September 2018 05:16 UTC

Date: Tue, 18 Sep 2018 07:16:20 +0200
From: bert hubert <bert.hubert@powerdns.com>
To: Sebastiaan Deckers <sebdeckers83@gmail.com>
Cc: doh@ietf.org, Kenny Shen <kenny@machinesung.com>
Message-ID: <20180918051620.GA17118@server.ds9a.nl>
References: <CADVGGb8+znpFStX4Qn3S4oCqOp1Np9uDPVXfS0V8nQecN3P+FA@mail.gmail.com>
In-Reply-To: <CADVGGb8+znpFStX4Qn3S4oCqOp1Np9uDPVXfS0V8nQecN3P+FA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/PM3EO6HZm3_W0vb5anviaUbEuB8>
Subject: Re: [Doh] POST and GET
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>

On Tue, Sep 18, 2018 at 11:21:48AM +0800, Sebastiaan Deckers wrote:
> > DoH servers MUST implement both the POST and GET methods.
> What is meant by the word "implement"?

That you implement both methods and that they both work.

> I have *implemented* both GET and POST code paths. But do they need to be
> exposed in every use case? I want to be able to support GET only for server

I see no exception or limitation in the text.

> GET requires much more processing from a DoH proxy, i.e., parse the DNS
> response packet to find the lowest TTL for the HTTP Cache-Control header
> max-age. As an operator I may want to disable support for GET requests from
> the client and return 405 or 501.

If you do that, you violate the principle of least astonishment
(https://en.wikipedia.org/wiki/Principle_of_least_astonishment).
Clients would rightfully be confused. They would also mess it up.

> I love the idea of pushing DNS responses as GET. This is lightweight and
> can be easily injected by a DoH proxy. However the current draft, in
> section 5.3, does not impose a similar "MUST implement both" requirement on
> the client. Should it?

What you are asking for is a sentence that says 'if GET did not work you
must retry as POST'. This complicates every client in existence with
fallback code. DNS is already riddled with fallbacks and retries.

So please no. 

	Bert
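Added example, not code from the thread, from either author, or from PowerDNS: the two server-side chores the quoted message alludes to, done in plain Python with only the standard library. It builds and decodes the RFC 8484 GET form (the DNS message base64url-encoded, padding stripped, in the "dns" query parameter, section 6 as I read it) and walks a wire-format DNS response to find the lowest TTL, which section 5.1 of the RFC ties the HTTP freshness lifetime to (Answer section; when that is empty, as for NXDOMAIN, the Authority section where the SOA sits). The endpoint URL, the builder helpers, and every packet below are constructed for illustration, not captured traffic.

```python
import base64
import struct
from typing import List, Optional, Tuple

# Constructed endpoint for the example; not a real resolver.
ENDPOINT = "https://dns.example/dns-query"


def encode_dns_get(endpoint: str, query: bytes) -> str:
    """RFC 8484 GET form: base64url of the DNS message, '=' padding removed,
    carried in the 'dns' query parameter. The alphabet is URL-safe, so no
    further percent-encoding is needed."""
    token = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={token}"


def decode_dns_get(token: str) -> bytes:
    """Server side of the above: restore the padding, then decode."""
    return base64.urlsafe_b64decode(token + "=" * (-len(token) % 4))


def _encode_name(name: str) -> bytes:
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(qname: str) -> bytes:
    """Constructed A/IN query. ID 0 keeps identical questions byte-identical,
    which RFC 8484 section 4.1 advises for HTTP cache friendliness."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    return header + _encode_name(qname) + struct.pack("!HH", 1, 1)


RR = Tuple[int, int, bytes]  # (rtype, ttl, rdata); owner name = question name


def build_response(qname: str, answers: List[RR], authority: List[RR],
                   rcode: int = 0) -> bytes:
    """Constructed sample response (not captured traffic). Each RR's owner
    name is a compression pointer (0xC00C) to the question name at offset 12."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180 | rcode, 1,
                         len(answers), len(authority), 0)
    msg = header + _encode_name(qname) + struct.pack("!HH", 1, 1)
    for rtype, ttl, rdata in answers + authority:
        msg += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return msg


def _skip_name(msg: bytes, off: int) -> int:
    """Offset just past a (possibly compressed) domain name."""
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:          # 2-byte compression pointer ends the name
            if off + 1 >= len(msg):
                raise ValueError("truncated pointer")
            return off + 2
        if length & 0xC0:                  # extended label types: refuse rather than guess
            raise ValueError("unsupported label type")
        off += 1 + length


def _section_ttls(msg: bytes, off: int, count: int) -> Tuple[List[int], int]:
    """TTLs of `count` RRs starting at `off`, skipping the OPT pseudo-RR,
    whose TTL field carries EDNS flags rather than a lifetime."""
    ttls = []
    for _ in range(count):
        off = _skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated RR")
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10 + rdlen
        if off > len(msg):
            raise ValueError("truncated RDATA")
        if rtype != 41:
            ttls.append(ttl)
    return ttls, off


def freshness_lifetime(response: bytes) -> Optional[int]:
    """Lowest Answer-section TTL; Authority section when Answer is empty
    (NXDOMAIN/NODATA, where the SOA bounds negative caching); None if neither
    holds any RR, so the server has nothing to advertise."""
    if len(response) < 12:
        raise ValueError("truncated header")
    _, _, qd, an, ns, ar = struct.unpack("!HHHHHH", response[:12])
    off = 12
    for _ in range(qd):                    # question: name + qtype + qclass
        off = _skip_name(response, off) + 4
    answer, off = _section_ttls(response, off, an)
    authority, off = _section_ttls(response, off, ns)
    _additional, off = _section_ttls(response, off, ar)  # walked only to validate length
    if off != len(response):
        raise ValueError("trailing bytes after last RR")
    if answer:
        return min(answer)
    if authority:
        return min(authority)
    return None


def cache_control(response: bytes) -> str:
    """Cache-Control value for the HTTP response wrapping this DNS message."""
    ttl = freshness_lifetime(response)
    return "no-store" if ttl is None else f"max-age={ttl}"
```

The parser is deliberately strict (unknown label types, truncation and trailing bytes all raise) because a proxy that derives cache headers from a packet it did not fully parse can end up caching an answer longer than the authoritative server allowed; the same walk also validates the response before it is forwarded.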