Re: Last Call: <draft-faltstrom-uri-10.txt> (The Uniform Resource Identifier (URI) DNS Resource Record) to Proposed Standard

Patrik Fältström <paf@netnod.se> Thu, 29 January 2015 06:13 UTC

Return-Path: <paf@netnod.se>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 92CA21A6F2B for <ietf@ietfa.amsl.com>; Wed, 28 Jan 2015 22:13:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.26
X-Spam-Level:
X-Spam-Status: No, score=-1.26 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_SE=0.35, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_NONE=-0.0001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kmKllPwI6Rwx for <ietf@ietfa.amsl.com>; Wed, 28 Jan 2015 22:13:08 -0800 (PST)
Received: from mail.netnod.se (mail.netnod.se [192.71.80.100]) by ietfa.amsl.com (Postfix) with ESMTP id 83C691A000C for <ietf@ietf.org>; Wed, 28 Jan 2015 22:13:08 -0800 (PST)
Received: from [192.168.1.125] (frobbit.cust.teleservice.net [85.30.128.225]) (Authenticated sender: paf) by mail.netnod.se (Postfix) with ESMTPSA id B942A7C0D1; Thu, 29 Jan 2015 07:13:07 +0100 (CET)
Subject: Re: Last Call: <draft-faltstrom-uri-10.txt> (The Uniform Resource Identifier (URI) DNS Resource Record) to Proposed Standard
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
Content-Type: multipart/signed; boundary="Apple-Mail=_C7A60F6C-25DC-4934-A9A8-BB1904D923C1"; protocol="application/pgp-signature"; micalg=pgp-sha1
X-Pgp-Agent: GPGMail 2.5b4
From: =?utf-8?Q?Patrik_F=C3=A4ltstr=C3=B6m?= <paf@netnod.se>
In-Reply-To: <35ED5FAE-A2AA-4F32-9821-23D85D394E75@mnot.net>
Date: Thu, 29 Jan 2015 07:13:06 +0100
Message-Id: <2E350799-102D-4867-98FC-23EDE27C1EB5@netnod.se>
References: <20150127223859.28024.43756.idtracker@ietfa.amsl.com> <4257D8A3-0EFE-40E3-B0AD-8E23772B7693@mnot.net> <6F9BB11D-C224-4D7B-A06C-41EACBAAB4B2@netnod.se> <35ED5FAE-A2AA-4F32-9821-23D85D394E75@mnot.net>
To: Mark Nottingham <mnot@mnot.net>
X-Mailer: Apple Mail (2.2070.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/0ObUGBKc3jpwHMw8Z2TZxfAQsGc>
X-Mailman-Approved-At: Thu, 29 Jan 2015 08:33:01 -0800
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jan 2015 06:13:11 -0000

On 29 jan 2015, at 06:33, Mark Nottingham <mnot@mnot.net> wrote:
> 
>> The RRType is registered and can not be changed.
>> 
>> That said, what can be referred to is a "better" registry for services. IETF do not have a registry for services for SRV. If IETF did, then I would have referenced that registry. I think it is "stupid" to create a new registry. This draft refer to the ENUM Service Registry. For SRV no real registry exists, but the DNS-SD people have this: <http://www.dns-sd.org/servicetypes.html>
> 
> I think most of my concern centres around things appearing in the registry without coordination with the community surrounding that service -- such as the Web / HTTP case.

I completely understand.

> I.e., if the URI RR points to a registry, and that registry contains an entry for a service "foo", I expect that applications that implement "foo" should use the URI RR in their operation.
> 
> When this isn't the case, it's not good for interoperability, potential security issues are introduced, and the community of the service often isn't involved in the registration.

The draft and registries for prefixes in DNS (specifically SRV, as I explain above) has been discussed in the apps area of IETF for years, and no resolution of that question have been reached yet. :-(

> So, I'm going to ever-so-gently push back on your characterisation of a new registry here as "stupid."

Oh, sorry, it was not my intention to express things that strongly.

What I think I think (!) is that as we do not have any clear registry for service prefixes in DNS, and SRV has been surviving quite well without, and to some degree also many parts of "the web" community, is it important to have _any_ specific registry? Can this just evolve?

>> Is your suggestion to add more examples? I think that is a fair request that makes lot of sense.
> 
> It'd help, yes. It'd also be good to have the conversation with the Web folks, to see where that goes (perhaps they'll want to support it, but if they don't, it might be good to take that
> example out).

Ok.

>> And on top of that you have already pointed at the issue with lookups in DNS compared to the HTTP transport, where also lots of redirects are common, specifically in CDNs, virtual hosting (www.example.com / example.com is a trivial example of course) etc.
> 
> For now -- note that as we write, the IAB workshop on TCP evolution is considering how to move protocols like HTTP to UDP :)

...and some people want to move DNS to TCP and give up UDP :-)

>> But you also point at a for the IETF sensible issue. When the well known URI was discussed, I did present the URI RRType (and SRV, and NAPTR and...) but as too often happens "the web community" responded with "we can only look up A records". So the use of more efficient mixes of DNS and HTTP to reach the for the user best experience was never really discussed. Not there, not then, not before and not after. :-(
> 
> We've been trying to get discussion going between the HTTP and DNS communities, with limited success. Maybe it's time to try again (e.g., in Dallas as a Bar BoF)?

Yeah, see the discussions around what DNS features are expected in HTTP/2 and I am crying a bit.

Now when we are trying to get a GOOD protocol definition, why can not that include good things from BOTH http and DNS worlds(*)?

  paf

(*) I am thinking of including SRV/URI/whatever higher abstraction layer in DNS in the protocol spec, and "limit" "happy eyeballs" to repeated HTTP transactions over A/AAAA record types. I do not think that discussion have been held, as pushback from web to DNS community feels like "oh no, that is too hard", which is as I know you and I agree about, the wrong answer.