Re: [Doh] [Ext] draft-ietf-doh-resolver-associated-doh-02 comments

Patrick McManus <mcmanus@ducksong.com> Sun, 24 March 2019 12:21 UTC

To: Paul Hoffman <paul.hoffman@icann.org>
Cc: Stephen Farrell <stephen.farrell@cs.tcd.ie>, "doh@ietf.org" <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/VRABofYueUeWZNU9xDaYCK2mcDA>
List-Id: DNS Over HTTPS <doh.ietf.org>

On Wed, Mar 20, 2019 at 2:03 AM Paul Hoffman <paul.hoffman@icann.org> wrote:

>
> > - Section 2: "the normal rules for HTTP" - does that mean
> > all re-directs MUST be HTTPS too? And can those URLs use
> > DNS names or must they be IP address certs too?
>
> The term "normal HTTP" was used in the DoH spec (RFC 8484), and here
> "normal rules for HTTP" were assumed to be the same.
>
>
There is an (emerging) definition that I believe is being referred to as
normal http (or version independent http) - but it doesn't govern this
question of the scheme of the target redirect. This draft would need to
limit cross-scheme redirects explicitly if that was what was wanted. (which
makes sense to me).

The definition I am referring to is the http-core work in the 3 active
drafts here: https://github.com/httpwg/http-core

-Patrick
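
An added example, not part of the original message or of the draft: a client-side check that refuses cross-scheme redirects when contacting a DoH server, since generic HTTP redirect handling does not impose that limit. The function names, the hop cap and the optional IP-literal rule (taken from the quoted question about IP address certs) are assumptions for illustration.

```python
from ipaddress import ip_address
from urllib.parse import urljoin, urlsplit

MAX_HOPS = 5  # assumed local cap, not a value from the draft


class RedirectRefused(Exception):
    """Raised when a redirect target violates the local policy."""


def is_ip_literal(host):
    """True if host is an IPv4/IPv6 literal, so no DNS lookup is needed."""
    try:
        ip_address(host)
        return True
    except ValueError:
        return False


def check_redirect_chain(start_url, locations, require_ip_literal=False):
    """Vet a chain of Location header values, hop by hop.

    Returns the final URL, or raises RedirectRefused at the first hop that
    leaves https (or, optionally, that names a host instead of an IP).
    """
    current = start_url
    if urlsplit(current).scheme != "https":
        raise RedirectRefused(f"start URL is not https: {current}")
    if len(locations) > MAX_HOPS:
        raise RedirectRefused("too many redirects")
    for location in locations:
        # Location may be relative or scheme-relative; resolve it first.
        target = urljoin(current, location)
        parts = urlsplit(target)
        if parts.scheme != "https":
            raise RedirectRefused(f"cross-scheme redirect: {current} -> {target}")
        if require_ip_literal and not is_ip_literal(parts.hostname or ""):
            raise RedirectRefused(f"target needs a DNS lookup: {target}")
        current = target
    return current


# Constructed sample chain (documentation addresses, not real resolvers).
SAMPLE_START = "https://192.0.2.53/dns-query"
SAMPLE_OK = ["/v2/dns-query", "https://[2001:db8::53]/dns-query"]
SAMPLE_DOWNGRADE = ["/v2/dns-query", "http://192.0.2.53/dns-query"]
```
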