Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal for transport indication in draft-ietf-dnsop-dns-wireformat-http
Paul Vixie <paul@redbarn.org> Wed, 04 April 2018 15:49 UTC
Return-Path: <paul@redbarn.org>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6C4512DA49; Wed, 4 Apr 2018 08:49:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dz4ckK41UY3B; Wed, 4 Apr 2018 08:49:13 -0700 (PDT)
Received: from family.redbarn.org (family.redbarn.org [IPv6:2001:559:8000:cd::5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1207C12DA3E; Wed, 4 Apr 2018 08:49:13 -0700 (PDT)
Received: from [10.0.5.44] (unknown [38.100.27.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id 8F8B17594C; Wed, 4 Apr 2018 15:49:12 +0000 (UTC)
Message-ID: <5AC4F3F5.6080408@redbarn.org>
Date: Wed, 04 Apr 2018 08:49:09 -0700
From: Paul Vixie <paul@redbarn.org>
User-Agent: Postbox 5.0.25 (Windows/20180328)
MIME-Version: 1.0
To: Ted Lemon <mellon@fugue.com>
CC: Ray Bellis <ray@bellis.me.uk>, dnsop@ietf.org, doh@ietf.org
References: <152168039295.5550.9572034766968749020.idtracker@ietfa.amsl.com> <CAAObRX+xF5SwVd3x3iXSWd-A0Kpr_ubbOJzn0yTrSk8pc+tm6Q@mail.gmail.com> <23219.56569.2064.711002@gro.dd.org> <CA+nkc8ANQh2wAr6==eNuM82mbD+E2ELzHGizdqF_sGdY-kkOqg@mail.gmail.com> <5AB3E3B7.3080607@redbarn.org> <69AA6C5D-D348-4956-8A31-FE1EC3A2042E@icann.org> <CABkgnnX2jGY_JpVbqJuQdDVUyVzsuM_2CDg4nppfqQHZQm0F+w@mail.gmail.com> <CAAObRXKHhk51DxNt5uiYB0gunJ=DNde2j9FJSU=Ky2m4Q1UkhQ@mail.gmail.com> <CABkgnnVL0XaUDS-WzDGaN9-kLx9p3x1+UVuWhvx=Zyo5oRos+w@mail.gmail.com> <19BED07A-942E-4A46-93A6-09770083EFF9@icann.org> <CABkgnnX-=n-reO9yjA8a2pHAD+JtoS5wX1w-dXMnDFdt4HXu-g@mail.gmail.com> <23236.18671.182273.977633@gro.dd.org> <28199575-e2e2-6966-fe17-f678f9f397f3@bellis.me.uk> <5AC4C2F7.7050906@redbarn.org> <3630b151-9628-235e-a5b1-c838b777d9d2@bellis.me.uk> <5AC4E70C.7020003@redbarn.org> <A0A55AED-0CB2-478C-913A-DCA678FBAC33@fugue.com> <5AC4F11F.3050009@redbarn.org> <602DF02A-3A85-4B3B-9E11-F7A701BD25B5@fugue.com>
In-Reply-To: <602DF02A-3A85-4B3B-9E11-F7A701BD25B5@fugue.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/_5-DA8lCH6xD1dcszpcLTqx8Prk>
Subject: Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal for transport indication in draft-ietf-dnsop-dns-wireformat-http
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Apr 2018 15:49:15 -0000
Ted Lemon wrote: > On Apr 4, 2018, at 11:37 AM, Paul Vixie <paul@redbarn.org > <mailto:paul@redbarn.org>> wrote: >> there's code that implements this. there are people using it. there >> will be more of both. a standard will mean greater interoperability. > > Why was the code written? Why are they using this? where the client can't be upgraded to DOH, and the network can't be upgraded to add VPN's, this allows a name server to be reachable with full fidelity (no middleboxes, so EDNS works) and better-than-cleartext privacy. i use it on my laptop when in a hotel room or coffee shop. > What is it about this > solution that makes it preferable, for their use case, to a smart proxy > that is itself a full-service resolver and thus shouldn't tunnel > information about the query transport? this is a far thinner solution than a full-service resolver, which would require local configuration and monitoring and so on, as well as topology stability that can't be guaranteed. > Given Bert's talk on camels, I think these are questions that are worth > asking, and the answer shouldn't be "because." this would never be part of the mandatory-to-implement "DNS core". -- P Vixie
- [Doh] Fwd: New Version Notification for draft-iet… Davey Song
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Richard Gibson
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Dave Lawrence
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Davey Song
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Bob Harold
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Davey Song
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Dave Lawrence
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Paul Vixie
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Bob Harold
- Re: [Doh] [DNSOP] Fwd: New Version Notification f… Paul Vixie
- [Doh] Alternate proposal for transport indication… Paul Hoffman
- Re: [Doh] [DNSOP] Alternate proposal for transpor… Paul Vixie
- Re: [Doh] [Ext] Re: [DNSOP] Alternate proposal fo… Paul Hoffman
- Re: [Doh] [DNSOP] Alternate proposal for transpor… Davey Song
- Re: [Doh] [Ext] Re: [DNSOP] Alternate proposal fo… Davey Song
- Re: [Doh] [Ext] Re: [DNSOP] Alternate proposal fo… Paul Hoffman
- Re: [Doh] Alternate proposal for transport indica… Martin Thomson
- Re: [Doh] Alternate proposal for transport indica… Davey Song
- Re: [Doh] Alternate proposal for transport indica… Martin Thomson
- Re: [Doh] [Ext] Re: Alternate proposal for transp… Paul Hoffman
- Re: [Doh] [DNSOP] Alternate proposal for transpor… Dave Lawrence
- Re: [Doh] Alternate proposal for transport indica… Davey Song
- Re: [Doh] [Ext] Re: Alternate proposal for transp… Martin Thomson
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Dave Lawrence
- Re: [Doh] [Ext] Re: Alternate proposal for transp… Davey Song
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ray Bellis
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ray Bellis
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ray Bellis
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Tony Finch
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ben Schwartz
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Paul Vixie
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Ted Lemon
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Tony Finch
- Re: [Doh] [DNSOP] [Ext] Re: Alternate proposal fo… Martin Thomson