Re: [Doh] [Ext] Reviewing Resolver-Associated DOH

"Hewitt, Rory" <rhewitt@akamai.com> Mon, 18 March 2019 22:09 UTC

From: "Hewitt, Rory" <rhewitt@akamai.com>
To: Mark Nottingham <mnot@mnot.net>, Paul Hoffman <paul.hoffman@icann.org>
CC: nusenu <nusenu-lists@riseup.net>, "doh@ietf.org" <doh@ietf.org>
Date: Mon, 18 Mar 2019 22:09:16 +0000
Message-ID: <e6e0da6d24b74bf0ada07bf85785ef49@ustx2ex-dag1mb3.msg.corp.akamai.com>
References: <CAHbrMsCNyeabhk0sVexOHVedVkgG2dvV9T8wWL++om5juAUvEw@mail.gmail.com> <5690c5b2-65ab-55d4-b3ec-d06d82ebbb26@riseup.net> <7F06A457-58C6-47A0-BDCA-D25FF0C6C062@icann.org> <b5c7f08d-debc-b426-f72d-b5100c476b4f@it.aoyama.ac.jp> <392246eb108b4421b63f0813f71d3b75@ustx2ex-dag1mb3.msg.corp.akamai.com> <8d56232b-8933-bf8a-186b-e44597364e14@riseup.net> <75491a04058f42ef923a01ccc748fad9@ustx2ex-dag1mb3.msg.corp.akamai.com> <7EAD04F0-5FEB-42DE-92FE-C0B1889B79A2@mnot.net>
In-Reply-To: <7EAD04F0-5FEB-42DE-92FE-C0B1889B79A2@mnot.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/afhOyl-J3e5YNqjY6LpQWJkm0a8>

@Mark Nottingham

This came up because while chatting to @Paul Hoffman offline, I made it clear that there are lots of people who are sticking assorted files into their /.well-known/ folder, either directly or within sub-folders with no apparent consistency. The last thing anyone wants is a name-clash with an existing file, unlikely though that seems. I'm not sure the extent to which folks on this mailing list are aware of the horrible, ridiculous ways in which real people operate their web servers (as opposed to the 'idealized' way they may be presumed by standards-writers).

That being said, your point about bike-shedding is well-taken.

Thanks,

Rory

Rory Hewitt
Senior Solutions Architect
Global Services & Support

-----Original Message-----
From: Mark Nottingham <mnot@mnot.net> 
Sent: Monday, March 18, 2019 3:00 PM
To: Hewitt, Rory <rhewitt@akamai.com>
Cc: nusenu <nusenu-lists@riseup.net>; doh@ietf.org
Subject: Re: [Doh] [Ext] Reviewing Resolver-Associated DOH

*well-known URI expert hat on*

Without speaking to the technical merit of the proposals being discussed, I'd like to discourage folks from thinking that they can reserve prefixes within the first well-known URI path segment; it is a managed space, but if we start this practice, we're going to have a nightmare managing the competing requirements.

If you want to reserve a prefix, reserve something like /.well-known/dns-servers/ and put the specific flavour after that (or in the retrieved file, or...).

All that said, bike shedding the name at this point probably isn't a terribly productive use of time.

Thanks,


> On 19 Mar 2019, at 8:56 am, Hewitt, Rory <rhewitt@akamai.com> wrote:
> 
> I'm firmly in favor of having a naming 'convention' of:
> 
> 	/.well-known/dns-doh-servers
> 
> I think it's critical to have "dns-" as the name prefix, to clearly indicate that this is a DNS-related file. Then "doh-" to indicate that this is a DoH-specific file and so on... Using this convention means that the DoT folks can create their own files as
> 
> 	/.well-known/dns-dot-servers
> 
> While your idea of "/.well-known/dns-over-https-servers" fulfills the first "dns-" part of my convention (and it's also very clear what it is 😊), I guess I'm always going to be antsy that there's going to be a new DNS-related 'technology' in the future called e.g. "Carrier-Pigeon DNS" and that team is going to call their file "/.well-known/carrier-pigeon-dns". So it's better (IMHO) to explicitly indicate that it's a series of Three-Letter-Acronyms...
> 
> Of course, a naming convention only works if everyone both knows about it and follows it. Even if we decide to use a 'strict' naming convention, unless it's both 'publicized' and 'enforced', it's kinda useless.

--
Mark Nottingham   https://www.mnot.net/
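The disagreement above turns on what IANA actually registers: the unit of registration is the first path segment after /.well-known/ (the "URI suffix" of RFC 5785, now RFC 8615), and whatever follows that segment belongs to the registrant. The following script, added here as an illustration and not code from either poster or from any IETF document, groups candidate paths by that registration unit and checks the name against the segment-nz syntax the registry requires. The two path lists are constructed for this example; the "dns-servers" name is Mark's suggestion, the "dns-doh-servers" and "dns-dot-servers" names are Rory's, and neither is registered anywhere.

```python
"""Group /.well-known/ paths by the unit IANA registers (RFC 5785 / RFC 8615).

The registered name is the first path segment after "/.well-known/"; the
registrant controls everything after it.  A shared textual prefix such as
"dns-" in two different first segments reserves nothing.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit

WELL_KNOWN_PREFIX = "/.well-known/"

# segment-nz from RFC 3986 section 3.3: one or more pchar, where
# pchar = unreserved / pct-encoded / sub-delims / ":" / "@".
# RFC 5785 section 5.1 requires a registered URI suffix to match it.
_SEGMENT_NZ = re.compile(r"^(?:[A-Za-z0-9\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+$")

# Constructed sample paths for the two conventions discussed in the thread.
RORY_STYLE = ["/.well-known/dns-doh-servers", "/.well-known/dns-dot-servers"]
MARK_STYLE = ["/.well-known/dns-servers/doh", "/.well-known/dns-servers/dot"]


def registration_unit(path: str) -> tuple[str, str]:
    """Split a well-known URI (full URL or bare path) into
    (registered name, remainder under the registrant's control).

    Raises ValueError when the path is not under /.well-known/ or the
    first segment is not a valid segment-nz (e.g. "/.well-known/" alone).
    """
    p = urlsplit(path).path
    if not p.startswith(WELL_KNOWN_PREFIX):
        raise ValueError(f"not a well-known URI path: {path!r}")
    name, sep, remainder = p[len(WELL_KNOWN_PREFIX):].partition("/")
    if not _SEGMENT_NZ.match(name):
        raise ValueError(f"registered name {name!r} is not a valid segment-nz")
    return name, sep + remainder


def is_registrable(path: str) -> bool:
    """True when the path has a syntactically valid well-known registered name."""
    try:
        registration_unit(path)
    except ValueError:
        return False
    return True


def registrations_needed(paths) -> dict[str, set[str]]:
    """Map each distinct registered name to the remainders it would cover.
    The number of keys is the number of separate IANA registrations needed."""
    by_name: dict[str, set[str]] = defaultdict(set)
    for p in paths:
        name, remainder = registration_unit(p)
        by_name[name].add(remainder)
    return dict(by_name)


if __name__ == "__main__":
    for label, paths in (("per-flavour names", RORY_STYLE), ("one name + sub-path", MARK_STYLE)):
        regs = registrations_needed(paths)
        print(f"{label}: {len(regs)} registration(s)")
        for name, rest in sorted(regs.items()):
            print(f"  {name!r} covers {sorted(rest)}")
```

Running it shows that the per-flavour convention costs one registration per protocol (and a future "carrier-pigeon-dns" name would be a third, with nothing tying it to the others), while a single "dns-servers" registration covers "/doh", "/dot" and anything else the registrant later chooses to put under it.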