Re: [Driu] [DNSOP] [Doh] Resolverless DNS Side Meeting in Montreal

Patrick McManus <pmcmanus@mozilla.com> Tue, 10 July 2018 17:10 UTC

Return-Path: <pmcmanus@mozilla.com>
X-Original-To: driu@ietfa.amsl.com
Delivered-To: driu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 410251311B5; Tue, 10 Jul 2018 10:10:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.233
X-Spam-Level:
X-Spam-Status: No, score=-1.233 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_SOFTFAIL=0.665, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pd5Yo_xuezKc; Tue, 10 Jul 2018 10:10:38 -0700 (PDT)
Received: from linode64.ducksong.com (www.ducksong.com [192.155.95.102]) by ietfa.amsl.com (Postfix) with ESMTP id B2C141311A6; Tue, 10 Jul 2018 10:10:38 -0700 (PDT)
Received: from mail-oi0-f52.google.com (mail-oi0-f52.google.com [209.85.218.52]) by linode64.ducksong.com (Postfix) with ESMTPSA id 4E69C3A054; Tue, 10 Jul 2018 13:10:37 -0400 (EDT)
Received: by mail-oi0-f52.google.com with SMTP id d189-v6so44008009oib.6; Tue, 10 Jul 2018 10:10:37 -0700 (PDT)
X-Gm-Message-State: APt69E29hbkmQI8u8jt2VFu4z4O+anGFmOOEhMjFQOjSgFbrQInGRwWw NPFIheEuiGiS1o2+9we0/Rno5hvYHmV+9yBHCsw=
X-Google-Smtp-Source: AAOMgpetPYvarAgMzytWSOGAzaYS4w4G0+9dAmWlEbTDFFifAbCRgeBtQrxk5XkXV6rFIFYv5O4h6SD/TywJVVVDKhQ=
X-Received: by 2002:aca:5f0a:: with SMTP id t10-v6mr12880476oib.337.1531242637005; Tue, 10 Jul 2018 10:10:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a4a:8a22:0:0:0:0:0 with HTTP; Tue, 10 Jul 2018 10:10:36 -0700 (PDT)
In-Reply-To: <e658445a-242b-5f94-f1fc-0bc4c850319d@nostrum.com>
References: <m1fcoe5-0000GuC@stereo.hq.phicoh.net> <alpine.LRH.2.21.1807101056140.5219@bofh.nohats.ca> <4a845808-5348-d6e4-dda2-59aaf0e85c14@nostrum.com> <3DF5A66C-CCBF-4116-A1FC-35CF8E05808B@hopcount.ca> <e1675184-f0bc-670d-3db1-b99a9daf1657@nostrum.com> <CAJhMdTOZtOpF_aK-ZzP0DfkDMcAtTKFLdSpKkrSPvP1cOgnOjQ@mail.gmail.com> <e658445a-242b-5f94-f1fc-0bc4c850319d@nostrum.com>
From: Patrick McManus <pmcmanus@mozilla.com>
Date: Tue, 10 Jul 2018 11:10:36 -0600
X-Gmail-Original-Message-ID: <CAOdDvNoFD3m5C4jtKW-H6hMmVO+F5qa-+XS4gF=BkgRA1MFx1A@mail.gmail.com>
Message-ID: <CAOdDvNoFD3m5C4jtKW-H6hMmVO+F5qa-+XS4gF=BkgRA1MFx1A@mail.gmail.com>
To: Adam Roach <adam@nostrum.com>
Cc: Joe Abley <jabley@hopcount.ca>, DoH WG <doh@ietf.org>, driu@ietf.org, Philip Homburg <pch-dnsop-3@u-1.phicoh.com>, dnsop <dnsop@ietf.org>, Patrick McManus <pmcmanus@mozilla.com>, Paul Wouters <paul@nohats.ca>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="0000000000007199da0570a835c8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/driu/oTpY8IGbx-5fjYUuwfwMUaGpqc8>
Subject: Re: [Driu] [DNSOP] [Doh] Resolverless DNS Side Meeting in Montreal
X-BeenThere: driu@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "DNS Resolver Identification and Use \(DRIU\)." <driu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/driu>, <mailto:driu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/driu/>
List-Post: <mailto:driu@ietf.org>
List-Help: <mailto:driu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/driu>, <mailto:driu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jul 2018 17:10:52 -0000

yes; and.. dns has always provided a point of indirection that is useful.
dynamically rewriting markup might be infeasible.. and many fetch() like
things are driven from script where the markup changes are not obvious or
perhaps ill fitting.. and of course there are questions of cached content
that might like to late bind. so lots to think about; but the markup
example is very illustrative of a very conservative way of scoping things.
perhaps too conservative. worth exploring.

On Tue, Jul 10, 2018 at 11:02 AM, Adam Roach <adam@nostrum.com>; wrote:

> On 7/10/18 11:34 AM, Joe Abley wrote:
>
>> On Jul 10, 2018, at 17:22, Adam Roach <adam@nostrum.com>; wrote:
>>
>> Basically, you're describing a solution space that could be realized as
>>> something like:
>>>
>>> <img src="https://example.com/img/f.jpg" ip="192.0.2.1">
>>>
>> Ok, interesting. I would suggest considering a richer scheme that
>> accommodates address families and multiple addresses with priorities,
>> but I see how that kind of thing would allow a client to do so
>> certificate matching and resource retrieval without using the DNS.
>>
>> But this is really equivalent in just about every important way to
>>> sending the normal <img src="https://example.com/img/f.jpg"> along with
>>> a pushed DNS record that indicates that "example.com" resolves to
>>> "192.0.2.1" -- and this latter thing is (to my understanding, at least) in
>>> scope of the conversation that Patrick is proposing to have.
>>>
>> My question is why you would involve the DNS at all if all the
>> performance-based resolution decisions can be made without it. You're
>> just adding cost and complexity without benefit.
>>
>
> In large part because DNS provides "a richer scheme that accommodates
> address families and multiple addresses with priorities".
>
>
> /a
>