Re: [Doh] [Ext] Re: Associating a DoH server with a resolver

Patrick McManus <mcmanus@ducksong.com> Wed, 24 October 2018 16:09 UTC

Return-Path: <mcmanus@ducksong.com>
X-Original-To: doh@ietfa.amsl.com
Delivered-To: doh@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 90498130E16 for <doh@ietfa.amsl.com>; Wed, 24 Oct 2018 09:09:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ducksong.com header.b=enkm19t2; dkim=pass (2048-bit key) header.d=outbound.mailhop.org header.b=C0cuCk/l
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tnmoAVQruxk8 for <doh@ietfa.amsl.com>; Wed, 24 Oct 2018 09:09:57 -0700 (PDT)
Received: from outbound1.eu.mailhop.org (outbound1.eu.mailhop.org [52.28.251.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12ED31286E7 for <doh@ietf.org>; Wed, 24 Oct 2018 09:09:56 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1540397395; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=kbxoPrqM2x7kUH9lQDbT2T9EWXUOSS+9+GAa0Cz5Q+qvOE1vMdej9CpUWigxIP7Ox61FUiy9yFVcc 532ncw6CFCD0yZtuXisN/csFT+Z0SrdxR0RsfMn0oQXv8ubsEfvegQyx3ZZfbYJONR+CCjUMCdKjZ9 tyjpt0zrnW0Al9Fg8xZvQ1zPpJoEksmq+R0CJOMrAlz51klrp5e+ERkBk5s43mJJLx7eGDKL+QToXB HbUO/MlgcVZMxFpSP6G2+iE57N7qnMr1FxKJNCDwijwxqC1HM2k9MhUHNIt0gIWIXX/gBW/gzR3uTX PHgtCl2WZe+R7hvICDXjZTsa9DW4+BA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:dkim-signature:dkim-signature:from; bh=/KLfHK2pkOAzCgJQbpGfnDtZ0qoqmzOrJAYVMsPMW+c=; b=qVGg+RyUTxivXGLQUcT/NBDAuUjxeIAcDOUx8YWQsM3z5rZiQG6QRhT7iuaf3jdAaJM/tYPbn36Oq YKtoL+lTPAARSGWfAQssdozaI+FXUP++JpUTLxaBdvZ6b8gMKat4dQnvKQ+5qhJLc5Op/XeOLM8Rgt bw9rxgz66Mz3UfbumspwEdyxEU4J0kHTVi93Fc93v63jQsuIsjrKAFlhREYc7DZv/X0dFLVJIxfbTJ 8MlGetqhGBdkWi3pTq2i8IKqluogurGSMF90Dw8SkssZCs/snn47ex8wSK9I79xLlHke/1SiCS376y ua4zPKhe1c5J7ZY8YDqmMY+DDYyqFag==
ARC-Authentication-Results: i=1; outbound1.eu.mailhop.org; spf=pass smtp.mailfrom=ducksong.com smtp.remote-ip=209.85.167.179; dmarc=none header.from=ducksong.com; arc=none header.oldest-pass=0;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ducksong.com; s=duo-1537391512170-ea99bbb3; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=/KLfHK2pkOAzCgJQbpGfnDtZ0qoqmzOrJAYVMsPMW+c=; b=enkm19t2JjImYf+rT0nNz3b9j6wQlUm7zC+9jptEawLyQ9zE3rSFbwsJGx//Pchtt2KGT7+e2NeJ8 ABuZnB1HidlBBH5BByeG1XFVXp55/oJm0sK1m97zbcBSHQglb/cYhalh3a3EKHPUGOOE2BxnL1liN4 +qKmWNP5QgyyDsl4=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-type:cc:to:subject:message-id:date:from:in-reply-to:references: mime-version:from; bh=/KLfHK2pkOAzCgJQbpGfnDtZ0qoqmzOrJAYVMsPMW+c=; b=C0cuCk/lgM0QBZjwYlQumV5RE4LjUyQFFLj5vdaoS7sj6TQ7b9eYTT5mq8nxGvBhZlqnv4loXwh+4 7v4v2DFTL/73BnEFQvO2qALJN7vZRVpDEnUY0DU24ibjAJ8CrWQ0eIELKbG0W/PEIkMwykSS2fWXL1 anxP1z4uOgh1xwnB8w/wk21X4yqOPJI17d3Evmq3m1CWBETpind12wtCIHWsL6eNDxmQJQTY0yC8Sw glpHenPa0WmsBoGVi1qjAAePTp9oY0FqgkNy8UciY4+r57c+AlcpG21nGuQqbnEz1LZpXQq42QIZ5z 1Zc+Q7+f2U+ON2mZbjJoCoQTGCS92Gg==
X-MHO-RoutePath: bWNtYW51cw==
X-MHO-User: 3c0d3105-d7a7-11e8-9048-075f73944867
X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information
X-Originating-IP: 209.85.167.179
X-Mail-Handler: DuoCircle Outbound SMTP
Received: from mail-oi1-f179.google.com (unknown [209.85.167.179]) by outbound1.eu.mailhop.org (Halon) with ESMTPSA id 3c0d3105-d7a7-11e8-9048-075f73944867; Wed, 24 Oct 2018 16:09:52 +0000 (UTC)
Received: by mail-oi1-f179.google.com with SMTP id j68-v6so4533344oib.7 for <doh@ietf.org>; Wed, 24 Oct 2018 09:09:51 -0700 (PDT)
X-Gm-Message-State: AGRZ1gKnvWRt5QfwnHVboI375j6g6p0B8tcnsaLDltRAdM8IMS2ZFVbh p4PTidAdHlJK6+DXjvQ3tC/xvSFyrcvTZMmzXwo=
X-Google-Smtp-Source: AJdET5dGJWOEs2DOoDX5imorGgFi+i+wi2z5ErJJTYeC+IYNvk0ZrWdZ09AQkykEg15/aBdP4rVN9Uys3LLgmmd01Wc=
X-Received: by 2002:aca:1c6:: with SMTP id 189-v6mr1821931oib.325.1540397389869; Wed, 24 Oct 2018 09:09:49 -0700 (PDT)
MIME-Version: 1.0
References: <02C39DFD-9550-447D-B00E-702B441A88BE@icann.org> <CABkgnnV2YMtcdOyMfE2NMH4L1ZbK4dcp1KQt3FttCfz-nfQd6A@mail.gmail.com> <C82FBB08-8DAA-4C50-8934-576596C2532F@icann.org>
In-Reply-To: <C82FBB08-8DAA-4C50-8934-576596C2532F@icann.org>
From: Patrick McManus <mcmanus@ducksong.com>
Date: Wed, 24 Oct 2018 12:09:38 -0400
X-Gmail-Original-Message-ID: <CAOdDvNoPL0FB2s9MbLPOU1LneYsHrW39E24g+1U8hkcdgNBLaw@mail.gmail.com>
Message-ID: <CAOdDvNoPL0FB2s9MbLPOU1LneYsHrW39E24g+1U8hkcdgNBLaw@mail.gmail.com>
To: Paul Hoffman <paul.hoffman@icann.org>
Cc: Martin Thomson <martin.thomson@gmail.com>, DoH WG <doh@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000003c7a100578fbb7e6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/tha-hdQblmqx0RmA6qncZyaVAng>
Subject: Re: [Doh] [Ext] Re: Associating a DoH server with a resolver
X-BeenThere: doh@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/doh>, <mailto:doh-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>
List-Post: <mailto:doh@ietf.org>
List-Help: <mailto:doh-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/doh>, <mailto:doh-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Oct 2018 16:10:00 -0000

On Tue, Oct 23, 2018 at 9:12 PM Paul Hoffman <paul.hoffman@icann.org> wrote:

>
> There is no way for an application like a browser to send a query through
> the OS for anything other than address records. That is, gethostbyname()
> and its equivalents only pass back address records


good news - that's not true. The concern is that other APIs often are DNS
only (and therefore break compatibility with other naming systems like
NetBIOS, whatever). However, in the case that you're specifically looking
for DNS resolvers, that doesn't seem like a problem.

However, I disagree with the premise of the work - browsers I have spoken
with do not seek to find a DoH version of a resolver that was discovered
from a broadcast address over a network that wasn't authenticated in the
first place and has an unknown trust relationship with the user in the
second case.
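The first point in the message above is that the OS-level DNS APIs are not limited to address records: anything in the res_query()/res_send() family hands the application the raw wire-format answer, so it can ask for any RR type and parse the rdata itself. The following is an added example (not code from the thread or from any browser) showing what that looks like without touching the network: it builds a query for an SRV record and then parses a constructed response containing an SRV and a TXT answer with name-compression pointers. The name `_svc._tcp.example.com`, the target `resolver.example.com`, the port and the TXT string are all made-up sample data; no DoH discovery mechanism is implied by them.

```python
import struct

# Wire-format DNS helpers. Added example; the names and record contents
# below are constructed sample data, not a real discovery convention.
QTYPE = {"A": 1, "TXT": 16, "AAAA": 28, "SRV": 33}


def encode_name(name: str) -> bytes:
    """Encode a dotted name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label length")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, qtype: str, txid: int = 0x1234) -> bytes:
    """Build a single-question query (RD=1); the qtype is anything in QTYPE."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], 1)


def decode_name(msg: bytes, off: int) -> tuple[str, int]:
    """Decode a possibly compressed name; return (name, offset after it).

    Compression pointers must point backwards and are hop-limited so a
    malicious response cannot loop the parser.
    """
    labels, jumped, end, hops = [], False, off, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if ptr >= off or hops > 32:
                raise ValueError("bad compression pointer")
            if not jumped:
                end = off + 2
            jumped, hops, off = True, hops + 1, ptr
            continue
        off += 1
        if length == 0:
            if not jumped:
                end = off
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), end


def parse_response(msg: bytes, expected_id: int) -> list:
    """Return the answer section as a list of dicts, typed by RR type."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_id:
        raise ValueError("transaction id mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response")
    if flags & 0xF:
        raise ValueError(f"rcode {flags & 0xF}")
    off = 12
    for _ in range(qd):                       # skip the echoed question(s)
        _, off = decode_name(msg, off)
        off += 4
    records = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("truncated rdata")
        rec = {"name": name, "ttl": ttl}
        if rtype == QTYPE["SRV"]:
            prio, weight, port = struct.unpack("!HHH", rdata[:6])
            target, _ = decode_name(msg, off + 6)   # target may be compressed
            rec.update(type="SRV", priority=prio, weight=weight, port=port, target=target)
        elif rtype == QTYPE["TXT"]:
            strings, i = [], 0
            while i < len(rdata):
                n = rdata[i]
                strings.append(rdata[i + 1:i + 1 + n].decode("ascii"))
                i += 1 + n
            rec.update(type="TXT", strings=strings)
        elif rtype == QTYPE["A"] and rdlen == 4:
            rec.update(type="A", address=".".join(str(b) for b in rdata))
        else:
            rec.update(type=rtype, rdata=rdata.hex())  # unknown: keep raw
        records.append(rec)
        off += rdlen
    return records


def build_sample_response(query: bytes) -> bytes:
    """Constructed answer to `query`: one SRV and one TXT record.

    In real use this is the buffer res_query()/res_send() returns.
    """
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)  # QR, RD, RA
    qname_ptr = b"\xc0\x0c"                       # pointer to the question name
    srv_rdata = struct.pack("!HHH", 10, 5, 443) + encode_name("resolver.example.com")
    srv = qname_ptr + struct.pack("!HHIH", QTYPE["SRV"], 1, 300, len(srv_rdata)) + srv_rdata
    txt_rdata = bytes([len(b"v=example")]) + b"v=example"
    txt = qname_ptr + struct.pack("!HHIH", QTYPE["TXT"], 1, 300, len(txt_rdata)) + txt_rdata
    return header + query[12:] + srv + txt


if __name__ == "__main__":
    q = build_query("_svc._tcp.example.com", "SRV")
    for r in parse_response(build_sample_response(q), 0x1234):
        print(r)
```

The parser deliberately rejects forward or looping compression pointers and checks the transaction id and QR bit before trusting anything; those are the checks a stub-resolver consumer needs regardless of which resolver answered, and they say nothing about whether that resolver should be trusted, which is the separate point the second paragraph above makes.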