RE: Alt-Svc interaction with HTTPS/SVCB DNS records

Mike Bishop <mbishop@evequefou.be> Tue, 29 June 2021 15:29 UTC

From: Mike Bishop <mbishop@evequefou.be>
To: Martin Thomson <mt@lowentropy.net>, Erik Nygren <erik+ietf@nygren.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>, Ben Schwartz <bemasc@google.com>
Archived-At: <https://www.w3.org/mid/BLAPR22MB2259F027DD41DDFAD61D4448DA029@BLAPR22MB2259.namprd22.prod.outlook.com>

There's a bit of discussion on the interaction between the two documents in https://github.com/MikeBishop/alt-svc-bis/pull/1/files.  Hopefully, this helps frame the discussion for people.  If there's something key you think isn't included here, please suggest additions to the PR.

-----Original Message-----
From: Martin Thomson <mt@lowentropy.net> 
Sent: Thursday, June 17, 2021 7:16 PM
To: Erik Nygren <erik+ietf@nygren.org>; ietf-http-wg@w3.org Group <ietf-http-wg@w3.org>; Mike Bishop <mbishop@evequefou.be>; Ben Schwartz <bemasc@google.com>
Subject: Re: Alt-Svc interaction with HTTPS/SVCB DNS records

I think that it would be helpful to write a page or two about the motivation and rationale behind the decision.  That text is quite dense and not at all clear.  An explanation of how the pieces fit together at a high level and the consequences of that for the design of the protocol (and its impact on how people configure servers or build clients) would be very helpful.

On Fri, Jun 18, 2021, at 09:00, Erik Nygren wrote:
> The HTTPS/SVCB DNS record draft passed WGLC in DNSOP.
> There has been a bunch of discussion in this pull-request recently on 
> improving the interaction between Alt-Svc and HTTPS RRs.
> Much of the discussion is here:
> 
>    https://github.com/MikeBishop/dns-alt-svc/pull/329/files
> 
> Most of the resulting text is now in -06 in Section 8.3:
> 
>    https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-06#section-8.3
> 
> Given how this is at the borderline of HTTP Alt-Svc and DNS, we had a 
> discussion in the Interim today that this could use more visibility 
> from the HTTP WG.
> 
> More broadly, while it hasn't changed recently, Section 6.1 (for 
> "alpn" SvcParam handling) takes into account some experience from 
> clients with challenges with ALPN handling with Alt-Svc and some of 
> the proposed text in it may want to be included in an Alt-Svc-bis:
> 
>    https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-06#section-6.1
> 
> The chairs are discussing whether we may want to have a call on this, 
> but in the meantime feedback and comments are most welcome.
> 
>       Erik