Re: [Doh] [Ext] A question on the mix of DNS and HTTP semantics

Patrick McManus <pmcmanus@mozilla.com> Mon, 19 March 2018 11:15 UTC

In-Reply-To: <CA+9kkMAZCsUaE4+-5RNt=0e0fO1P5b3WPbAuHNZ1W0sPoMkRrw@mail.gmail.com>
References: <CA+9kkMB7awRfW9jUmY9Q-1p+w3VLtpG5DxhF3s7Q58nEMZeX3w@mail.gmail.com> <20180318164307.GB6724@laperouse.bortzmeyer.org> <CAOdDvNr1GstB+g3pYi4w0bXuQ=Nz8HqgTRfWUX9TGu9YAYiz0w@mail.gmail.com> <CA+9kkMA733q3BPRbnN++0vwKrmOOCN8SBgknYwFaeEf2cvYikw@mail.gmail.com> <88AB1743-7270-4D72-8C70-0AB6B74416BD@icann.org> <SN1PR08MB1854485BF319264F51D208C3DAD40@SN1PR08MB1854.namprd08.prod.outlook.com> <CA+9kkMAZCsUaE4+-5RNt=0e0fO1P5b3WPbAuHNZ1W0sPoMkRrw@mail.gmail.com>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Mon, 19 Mar 2018 11:15:02 +0000
Message-ID: <CAOdDvNpRuh=NTR3Z4OiJLsc6orQZvrE0OvZ0xfvCXBweG7-hiQ@mail.gmail.com>
To: Ted Hardie <ted.ietf@gmail.com>
Cc: Mike Bishop <mbishop@evequefou.be>, Paul Hoffman <paul.hoffman@icann.org>, DoH WG <doh@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/doh/zHiXnms9u2GkytQsXY_QAX1EMPo>
Subject: Re: [Doh] [Ext] A question on the mix of DNS and HTTP semantics

There is a really fine line here. You can process a message body from a 4xx
any way you want: it's trying to communicate information to you and the
content-type is going to tell you how to go about trying to process it.
But, very clearly, that message body is not the answer to the DNS query
that was part of the HTTP request. If you can interpret it in some way that
makes your DNS gateway code richer, that's fine, but it's not a requirement
this protocol can, imo, put on a non-success response beyond what is
already defined. I don't think the message body has any practical
epigrammatic interop value.


On Mon, Mar 19, 2018 at 11:03 AM, Ted Hardie <ted.ietf@gmail.com> wrote:

> On Mon, Mar 19, 2018 at 3:42 AM, Mike Bishop <mbishop@evequefou.be> wrote:
>
>> There's a reasonable argument that if Content-Type is
>> application/dns-udpwireformat, it should be processed by the DNS client
>> regardless of the HTTP status code.  (And that a 200 with any other
>> Content-Type is an error.)
>>
>>
> I think this makes sense.
>
> Ted
>
>
>> -----Original Message-----
>> From: Doh <doh-bounces@ietf.org> On Behalf Of Paul Hoffman
>> Sent: Monday, March 19, 2018 10:13 AM
>> To: Ted Hardie <ted.ietf@gmail.com>
>> Cc: DoH WG <doh@ietf.org>
>> Subject: Re: [Doh] [Ext] A question on the mix of DNS and HTTP semantics
>>
>> On Mar 19, 2018, at 9:49 AM, Ted Hardie <ted.ietf@gmail.com> wrote:
>> > The message body may not be able to answer this question completely,
>> but it can clarify at the DNS level that this was REFUSED.  The semantics
>> of that are much closer to 451's meaning than producing no DNS-level
>> response at all (which maps to "query did not complete" if I understand it
>> correctly).
>>
>> Hopping up one level, I think you are describing a DOH server that
>> inspects queries or responses and chooses to change the HTTP response to
>> use a non-2xx code. That seems fine, but it also seems like you are saying
>> that the DNS response inside that HTTP response should be understood by the
>> client, and in a code-specific way. Is that a fair summary?
>>
>> --Paul Hoffman
>> _______________________________________________
>> Doh mailing list
>> Doh@ietf.org
>> https://www.ietf.org/mailman/listinfo/doh
>>
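As an added illustration of the client-side rule the thread is circling (this is example code, not from the original post or from any DoH implementation): a 2xx carrying the DNS media type is the answer, a 2xx with any other media type is a protocol error, and a non-2xx is an HTTP-level failure whose DNS wire-format body, if one is present, is parsed only to surface its RCODE for diagnostics. The media-type name is the one used in this thread; the function names, `Outcome` type and sample response bytes are constructed for the example.

```python
import struct
from dataclasses import dataclass
from typing import Optional

# Media type as named in this thread (RFC 8484 later renamed it application/dns-message).
DNS_CT = "application/dns-udpwireformat"

RCODE_NAMES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}

# Constructed sample: DNS header with ID 0x1234, flags 0x8185 (QR=1, RD=1, RA=1, RCODE=5 REFUSED),
# all four section counts zero. 12 bytes is a complete (if empty) DNS message.
REFUSED_RESPONSE = b"\x12\x34\x81\x85" + b"\x00" * 8


@dataclass
class Outcome:
    kind: str                    # "answer", "http-error" or "protocol-error"
    http_status: int
    rcode: Optional[int] = None  # RCODE from a wire-format body, if one was parsed


def parse_rcode(body: bytes) -> Optional[int]:
    """Return the RCODE from a DNS wire-format header, or None if the body is too short."""
    if len(body) < 12:
        return None
    _ident, flags = struct.unpack("!HH", body[:4])  # header: ID, FLAGS, then four counts
    return flags & 0x000F


def classify(status: int, content_type: str, body: bytes) -> Outcome:
    """Apply the HTTP-status / Content-Type rule discussed in the thread."""
    ct = content_type.split(";")[0].strip().lower()  # drop any parameters
    if 200 <= status < 300:
        if ct != DNS_CT:
            return Outcome("protocol-error", status)  # 2xx with a non-DNS body is an error
        rcode = parse_rcode(body)
        if rcode is None:
            return Outcome("protocol-error", status)  # truncated DNS message
        return Outcome("answer", status, rcode)       # the DNS-level answer, whatever its RCODE
    # Non-2xx: not the answer to the query. A DNS-format body is informational only.
    rcode = parse_rcode(body) if ct == DNS_CT else None
    return Outcome("http-error", status, rcode)


def describe(o: Outcome) -> str:
    """Human-readable summary combining the HTTP and DNS-level views."""
    dns = RCODE_NAMES.get(o.rcode, str(o.rcode)) if o.rcode is not None else "no DNS message"
    return f"{o.kind} (HTTP {o.http_status}, DNS {dns})"


if __name__ == "__main__":
    print(describe(classify(200, DNS_CT, REFUSED_RESPONSE)))
    print(describe(classify(451, DNS_CT, REFUSED_RESPONSE)))
```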