Re: What is the right way to do Web Services discovery?

Phillip Hallam-Baker <> Wed, 23 November 2016 01:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4D375120727 for <>; Tue, 22 Nov 2016 17:38:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.699
X-Spam-Status: No, score=-1.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id juJoGTZ0ZDuo for <>; Tue, 22 Nov 2016 17:38:09 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c01::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E0E521296A5 for <>; Tue, 22 Nov 2016 17:37:42 -0800 (PST)
Received: by with SMTP id v7so52542429wjy.2 for <>; Tue, 22 Nov 2016 17:37:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=0eny9tCUgFNSqEgwGUBbmR+wrpxy4+wNAmjEdgc8Yuw=; b=hEZ/SqKxai9MySQhUbj5FRdYLl9ZzDVl3WZ9wDeseXBsgUaMO2HPdVZcH7+7TqjdA6 KqN78cSFF1o91gKWFNpJKUXMfuKmvCdf/Bnbzfp4tTXh+n9AIPlu7hznMDGnAQKfQYhJ tXzYbl5FSAdA/VwCRl+iFNd8onLQ/GLnrIFlgbSlIoRoq1JLD/eEw5X31OTApzPNEUAg OTiztuM9iLHELfugHxr4BVWWrzIjjaPuaU2ZaAWthZAkU5VzOzhhKkB/n4Zd4gf+KylI EDwsN1gyYXqKgsTanNc6ypgbF1Iye6lw26RkVR7wZk039E3JNCQUVotxR1lnRLwRdGNS oeUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=0eny9tCUgFNSqEgwGUBbmR+wrpxy4+wNAmjEdgc8Yuw=; b=Sw65JDC93trpfMX+/2KU7WYvLr8p5lw59NPK7m3Q6b8g6ijy956XeWz38u8E/O6jOv ltV6oYK7hnJFdRj84umHTZEhFbUksmFm6YE71r5qxD3mUI4E5VUUYeWaKB2Mrh5MZV6V 65QctSbzQXiNdTI6UKZl9ekzuxxpT7XfmuRr858XVxSNOMDaBvhH7zuS/jKmJNiQre58 UE7d09vToXtwu9sZgDPqUmAQHqvwwdROi7XMxrmkyFlx0fkBslFxvR2zLHNUEkCXESmA WLT7XTn56/pMm9/I+/CoMBy3l3oqRhePsTfTueLwH65j6GbxzJj+QBjDwriizsYto5PW 16Eg==
X-Gm-Message-State: AKaTC02940ko/XtYoY+idni2HiZ/PL8sSTs4QGYvOccR/iTKRoPnpU3bSKEJ1njnM3ecGQLA10f69qyaYAMYHQ==
X-Received: by with SMTP id cs5mr1027317wjc.6.1479865061439; Tue, 22 Nov 2016 17:37:41 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Tue, 22 Nov 2016 17:37:40 -0800 (PST)
In-Reply-To: <>
References: <> <> <>
From: Phillip Hallam-Baker <>
Date: Tue, 22 Nov 2016 20:37:40 -0500
X-Google-Sender-Auth: w_HKkehA3xyeAe1ZpNuEzLcKyqY
Message-ID: <>
Subject: Re: What is the right way to do Web Services discovery?
To: Ted Lemon <>
Content-Type: multipart/alternative; boundary="089e0141a5244d882d0541edefd6"
Archived-At: <>
Cc: IETF Discussion Mailing List <>, Jared Mauch <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 23 Nov 2016 01:38:10 -0000

On Tue, Nov 22, 2016 at 2:52 PM, Ted Lemon <> wrote:

> I assume y'all have read RFC 6763...

​Yes, and it leaves more questions than answers.​

​The question of whether SRV records work as a http redirect or a dns
redirect is not considered. Nor is the interaction with TLS.

As a discovery technique is an example of
pointless hierarchy. does the same job better. The
decision to use HTTP protocol should be an outcome from the discovery
process, not an input. Same for TCP but that is water under the bridge.

​What it does nail down is that we should be using SRV and TXT.

On Tue, Nov 22, 2016 at 2:03 PM, Joe Touch <> wrote:

> Hi, all,
> I'm curious as well, esp. from the perspective of IANA ports.
> IMO, HTTP is missing two key capabilities:
>     - a portmapper service, like RPC (yes, this could be mDNS, basically)
>     - a coordination service, to allow processes to register to handle
> subtrees of the URN namespace while sharing a port
​The second is actually a platform feature on Windows, has been since

​Processes can register for HTTP subtrees in the exact same manner as ports
only with the advantage that unlike ports, they are controlled using ACLs.

The first is something I have actually built but that just adds another
layer of indirection. Basically, all of my protocols use multilayer
security. I don't chose between TLS and end-to-end, I use both. I also use
data level encryption.