Re: [Doh] operational considerations
Patrick McManus <pmcmanus@mozilla.com> Sun, 19 November 2017 01:48 UTC
Return-Path: <pmcmanus@mozilla.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02BC4126B7F for <doh@ietfa.amsl.com>; Sat, 18 Nov 2017 17:48:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.734
X-Spam-Level:
X-Spam-Status: No, score=-0.734 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_SORBS_SPAM=0.5, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P4i_ng3HqXNi for <doh@ietfa.amsl.com>; Sat, 18 Nov 2017 17:48:09 -0800 (PST)
Received: from linode64.ducksong.com (linode6only.ducksong.com [IPv6:2600:3c02::f03c:91ff:fe6e:e8da]) by ietfa.amsl.com (Postfix) with ESMTP id 7D2A3126557 for <doh@ietf.org>; Sat, 18 Nov 2017 17:48:09 -0800 (PST)
Received: from mail-lf0-f45.google.com (mail-lf0-f45.google.com [209.85.215.45]) by linode64.ducksong.com (Postfix) with ESMTPSA id 6A3693A0A9 for <doh@ietf.org>; Sat, 18 Nov 2017 20:48:06 -0500 (EST)
Received: by mail-lf0-f45.google.com with SMTP id i14so6492989lfc.1 for <doh@ietf.org>; Sat, 18 Nov 2017 17:48:06 -0800 (PST)
X-Gm-Message-State: AJaThX4pk6fBGevvdsAbHxBRI3xXvV3t6Kv38tzxixJWGQmoIIeHOip5 aXEQkgIHa8SMxs9mjxJNzIxR0oZJ5LLbXc9r1zg=
X-Google-Smtp-Source: AGs4zMaYCFNJoyaK8VoLjfUsNEpESvApbNQoAhczbs1qNQ4+fGdqLZsyqHBs2wJdziPuClUuxOy7/R+yJ5fCtKwLvh0=
X-Received: by 10.46.2.87 with SMTP id 84mr2532728ljc.0.1511056085130; Sat, 18 Nov 2017 17:48:05 -0800 (PST)
MIME-Version: 1.0
Received: by 10.25.151.9 with HTTP; Sat, 18 Nov 2017 17:48:03 -0800 (PST)
In-Reply-To: <60b879b8-d107-ec79-b2f1-357e354702e4@cisco.com>
References: <60b879b8-d107-ec79-b2f1-357e354702e4@cisco.com>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Sun, 19 Nov 2017 09:48:03 +0800
X-Gmail-Original-Message-ID: <CAOdDvNpuNhZF+966qUY8Sq4cfdrC-j_vFYoE9LT_jMRnWozgaQ@mail.gmail.com>
Message-ID: <CAOdDvNpuNhZF+966qUY8Sq4cfdrC-j_vFYoE9LT_jMRnWozgaQ@mail.gmail.com>
To: Eliot Lear <lear@cisco.com>
Cc: "doh@ietf.org" <doh@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c1a168230a5b4055e4c2938"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/eJIc9KnS3c4Ot2xS_UWPfTwn8FE>
Subject: Re: [Doh] operational considerations
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Nov 2017 01:48:11 -0000
Hi Eliot - indeed this is fairly brief.. thank you. if we can keep it to this scope I'm ok - but if the section begins to grow organically we should really discuss moving to a different doc. I have a proposed minor rework of your text below which I believe to be more concise and a bit more illuminating on the root issues. Let me know what you think. Operational Considerations Different DNS servers may provide different results to the same query. It logically follows that which server is consulted influences the end result. Split-horizon DNS [RFC6950] is a specific example of this approach where the answers are derived from the (potentially natted) source of the query. A client that chooses to query a non-default resolver for a name that is using this style of algorithm may not obtain correct results. The HTTPS channel used by this specification establishes secure two party communication between the DNS API Client and the DNS API Server. Filtering or inspection systems that rely on unsecured transport of DNS will not function in a DNS over HTTPS environment.
- [Doh] operational considerations Eliot Lear
- Re: [Doh] operational considerations Martin J. Dürst
- Re: [Doh] operational considerations Jim Reid
- Re: [Doh] operational considerations Eliot Lear
- Re: [Doh] operational considerations Patrick McManus
- Re: [Doh] operational considerations Jim Reid
- Re: [Doh] operational considerations Eliot Lear
- Re: [Doh] operational considerations Patrick McManus
- Re: [Doh] operational considerations Hewitt, Rory
- Re: [Doh] operational considerations Eliot Lear
- Re: [Doh] operational considerations Patrick McManus
- Re: [Doh] operational considerations Eliot Lear
- Re: [Doh] operational considerations Jim Reid
- Re: [Doh] operational considerations Jim Reid