Re: [homenet] draft-ietf-homenet-front-end-naming-delegation vs. DynDNS

Juliusz Chroboczek <jch@irif.fr> Thu, 19 July 2018 09:42 UTC

Date: Thu, 19 Jul 2018 11:42:18 +0200
Message-ID: <87tvovd0jp.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Ted Lemon <mellon@fugue.com>
Cc: Homenet <homenet@ietf.org>, Daniel Migault <daniel.migault@ericsson.com>
In-Reply-To: <CAPt1N1msXi1BG9RTDr2sWnn8J6F45CnESJCg4LTP-4jP9mVJxw@mail.gmail.com>
References: <87sh4g1bqe.wl-jch@irif.fr> <249918E0-8E8F-44A9-B1ED-0D4F91104B20@isc.org> <877elsovmq.wl-jch@irif.fr> <CAPt1N1msXi1BG9RTDr2sWnn8J6F45CnESJCg4LTP-4jP9mVJxw@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/homenet/UwePYG8itB6uchDNtC7LXd03Z9k>
Subject: Re: [homenet] draft-ietf-homenet-front-end-naming-delegation vs. DynDNS

> In order for services to be discoverable on the homenet, they have to
> publish their contact info on the homenet. The protocol that everyone
> uses for this is DNSSD. This is how you find your printer when you want
> to print to it. Nobody uses the ad-hoc DynDNS protocol for this.

I am not speaking about discovery within the Homenet.  I am speaking about
exporting names into the global DNS, which is what Daniel's draft is about.

> It's certainly true that we could use an HTTPS-based protocol for setting up
> delegations for the forward mapping zone. This makes a great deal of sense,

Good.

> The reverse mapping zone has to be delegated by the ISP, so we might as
> well do it in a prefix delegation transaction.

I'm not following your reasoning here -- why does the zone being tied to
the ISP imply that we must use a more complex protocol?

> So if you are advocating this second thing, that makes sense, and we should
> definitely talk about whether it makes sense to do it this way.

Let's.

> Also, think of the privacy implications if all of the services on the
> homenet had to be discovered from a shared zone like dyndns.org.

Quite the opposite.  In the trivial update protocol, the update is
end-to-end, encrypted, and only the host and the DNS provider see the
data.  Every Homenet, every host, heck, even every application can use
a different DNS provider, and each DNS provider only sees the data that
was explicitly sent to it.

In Daniel's protocol, the data goes from host to hidden primary to DNS
provider.  The hidden primary is probably controlled by the ISP, which is
convenient if you happen to be a privacy-violating ISP.

-- Juliusz