Re: [Doh] DOH server on non-standard ports

Patrick McManus <pmcmanus@mozilla.com> Fri, 06 April 2018 17:32 UTC

In-Reply-To: <f536aecc-d3e6-bd01-e869-c57a0fc9e1a8@o2.pl>
References: <39301825-be3c-5888-ce99-45caf5ab0857@o2.pl> <f536aecc-d3e6-bd01-e869-c57a0fc9e1a8@o2.pl>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Fri, 06 Apr 2018 13:32:15 -0400
Message-ID: <CAOdDvNqWRCCmR_6gX-u6W6qhiDfqaWh_dui_S2nTCZFcb+H1WQ@mail.gmail.com>
To: Mateusz Jończyk <mat.jonczyk@o2.pl>
Cc: DoH WG <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/zEuFRptQ5y4MEZWcr4xuZAoUPPc>
List-Id: DNS Over HTTPS <doh.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/doh/>

One of the nice things about DoH is that it does not squat on any
particular part of the URI space, which will allow many deployments to
integrate DoH into existing servers. (That's actually one of the points of
bcp56bis, and a good argument for tossing the .wk URL out.)

Obviously, that's not always possible (such as in your example) and a
different port is required, but that's not really desirable and is already
possible, so I don't think I support the change in language.

On Fri, Apr 6, 2018 at 5:49 AM, Mateusz Jończyk <mat.jonczyk@o2.pl> wrote:

> OK, but wouldn't it be beneficial to specify explicitly that DOH clients
> MUST support accessing DOH servers on ports other than 443 - for
> compatibility reasons?
>
> I would propose to add the following text:
>         A DNS API server MAY work on a port other than 443, so all DNS API
>         clients MUST support accessing DOH servers on ports other than 443.
>
> at the end of section 4 "The HTTP Request".
>
> Greetings,
> Mateusz Jończyk
>
> Patrick McManus on Wed, 04 April 2018 12:50 UTC wrote:
> > Neither HTTPS nor URIs are limited to any particular port. I don't see a
> > problem here.
> >
> > On 04.04.2018 at 12:58, Mateusz Jończyk wrote:
> >> Hello,
> >> I think that it may be beneficial to specify that a DOH server MAY work
> >> on a port other than 443 and that the DOH client MUST support accessing
> >> DOH servers on ports other than 443.
> >>
> >> I have been thinking about the possibility of adding support for DOH to
> >> a home router. In the future, someone may modify dnsmasq so that it
> >> would act as a DOH server - dnsmasq could then run on this router and
> >> provide DOH services.
> >> The port 443 would be already used by the router's management interface,
> >> which would probably run as a separate process on this router (as it
> >> would be an entirely different codebase). So dnsmasq would have to
> >> provide DOH services on another port.
> >>
> >> Greetings,
> >> Mateusz Jończyk
> >>
>
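The point both sides of the thread agree on, that an https URI already carries its port and a DoH client needs nothing DoH-specific to reach a server on, say, 8443, is easy to see in code. The following is an added example, not code from the thread, from the DoH draft or from dnsmasq: it builds the GET form of a DoH query (wire-format DNS message, base64url-encoded without padding in a `dns` query parameter, `Accept: application/dns-message`) from whatever https URI the operator hands out. The server name `router.example`, port 8443 and path `/dns-query` are made up for illustration; the port is simply whatever the URI authority says, with 443 only as the https default.

```python
"""
Added example (not from the mailing-list thread, the DoH draft or dnsmasq):
turn a DoH server URI plus a DNS question into an HTTP GET request, showing
that the port comes from the URI and the path is the operator's choice.
Hostnames, ports and paths used here are made up.
"""
import base64
import http.client
import struct
from urllib.parse import urlsplit

DOH_MEDIA_TYPE = "application/dns-message"


def build_dns_query(qname, qtype=1):
    """Minimal RFC 1035 wire-format query: ID 0 (the ID is redundant over
    HTTPS and a fixed value helps caching), RD=1, one question, class IN."""
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    question = b""
    for label in qname.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad DNS label: %r" % label)
        question += bytes([len(raw)]) + raw
    question += b"\x00" + struct.pack("!HH", qtype, 1)
    return header + question


def doh_get_request(server_uri, qname, qtype=1):
    """Return host, port, request target and headers for a DoH GET.
    The port is taken from the URI authority; 443 is only the https default.
    Returns a dict so the pieces can be inspected without sending anything."""
    u = urlsplit(server_uri)
    if u.scheme != "https" or not u.hostname:
        raise ValueError("DoH server URI must be an https URI with a host: %r" % server_uri)
    port = u.port if u.port is not None else 443
    host = u.hostname
    # The Host header must carry the explicit port when it is not the default;
    # an IPv6 literal must be re-bracketed because urlsplit strips the [].
    authority = "[%s]" % host if ":" in host else host
    if port != 443:
        authority += ":%d" % port
    wire = build_dns_query(qname, qtype)
    # base64url without padding, as the draft specifies for the 'dns' parameter
    dns_param = base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")
    path = u.path or "/"
    # Append to any query string the operator's URI already has, e.g. a
    # dnsmasq-style server living under an existing web application.
    target = path + ("?" + u.query + "&" if u.query else "?") + "dns=" + dns_param
    return {
        "host": host,
        "port": port,
        "target": target,
        "headers": {"Host": authority, "Accept": DOH_MEDIA_TYPE},
    }


def send_doh_query(server_uri, qname, qtype=1, timeout=5):
    """Send the GET over TLS to the port named in the URI and return the raw
    DNS response message. This performs a network call and is not run here."""
    req = doh_get_request(server_uri, qname, qtype)
    conn = http.client.HTTPSConnection(req["host"], req["port"], timeout=timeout)
    conn.request("GET", req["target"], headers=req["headers"])
    resp = conn.getresponse()
    body = resp.read()
    conn.close()
    ctype = (resp.getheader("Content-Type") or "").split(";")[0].strip()
    if resp.status != 200 or ctype != DOH_MEDIA_TYPE:
        raise RuntimeError("unexpected DoH response: %d %r" % (resp.status, ctype))
    return body


if __name__ == "__main__":
    # Made-up router running DoH beside its management UI on 443.
    for uri in ("https://router.example:8443/dns-query",
                "https://dns.example/dns-query",
                "https://[2001:db8::1]:8443/app/resolve?v=1"):
        req = doh_get_request(uri, "example.com")
        print(req["port"], req["headers"]["Host"], req["target"])
```

Nothing in `doh_get_request` changes when the port is 8443 rather than 443: the port rides along in the URI, ends up in the TLS connection and in the `Host` header, and the DNS payload is untouched, which is what the thread means by the port already being possible without extra normative text.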