Re: Alt-Svc interaction with HTTPS/SVCB DNS records

Martin Thomson <mt@lowentropy.net> Thu, 17 June 2021 23:23 UTC

I think that it would be helpful to write a page or two about the motivation and rationale behind the decision.  That text is quite dense and not at all clear.  An explanation of how the pieces fit together at a high level and the consequences of that for the design of the protocol (and its impact on how people configure servers or build clients) would be very helpful.

On Fri, Jun 18, 2021, at 09:00, Erik Nygren wrote:
> The HTTPS/SVCB DNS record draft passed WGLC in DNSOP.
> There has been a bunch of discussion in this pull-request recently
> on improving the interaction between Alt-Svc and HTTPS RRs.
> Much of the discussion is here:
> 
>    https://github.com/MikeBishop/dns-alt-svc/pull/329/files
> 
> Most of the resulting text is now in -06 in Section 8.3:
> 
>    https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-06#section-8.3
> 
> Given how this is at the borderline of HTTP Alt-Svc and DNS,
> we had a discussion in the Interim today that this could use
> more visibility from the HTTP WG.  
> 
> More broadly, while it hasn't changed recently, Section 6.1
> (for "alpn" SvcParam handling) takes into account some experience
> from clients with challenges with ALPN handling with Alt-Svc
> and some of the proposed text in it may want to be included
> in an Alt-Svc-bis:
> 
>    https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-06#section-6.1
> 
> The chairs are discussing whether we may want to have a call on this,
> but in the meantime feedback and comments are most welcome.
> 
>       Erik
> 
> 
> 
>