Re: [dnsext] SRV and wildcard CNAME

Mark Andrews <marka@isc.org> Mon, 21 February 2011 04:25 UTC

To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "Mon, 21 Feb 2011 12:56:34 +0900." <4D61E272.1050600@necom830.hpcl.titech.ac.jp>
Date: Mon, 21 Feb 2011 15:25:36 +1100
Cc: dnsext@ietf.org
Subject: Re: [dnsext] SRV and wildcard CNAME

In message <4D61E272.1050600@necom830.hpcl.titech.ac.jp>, Masataka Ohta writes:
> Larry Brower wrote:
> 
> > I disagree, I say you are wasting it. Mark told you why it was a bad
> > idea and you just want to argue the point.
> 
> It was already argued before Mark's first response:
> 
> > Non-existent protocols are not a problem, because they just do
> > not work, which is fine.
> > The problem is that protocols used share a port.
> > However, as the only protocol which may be used by *LAZY* users,
> > other than http, is https, it may share the same port as http,
> > if servers are implemented to distinguish them by the first
> > byte of the request.
> 
> and, again, just after Mark's first response:
> 
> > When the protocols used at the domain are http and https only,
> > nothing breaks.
> 
> Protocols not used at a domain can not break at the domain,
> because they are not used.
> 
> But Mark *REPEATED* his unfounded statement, which is
> the waste of bandwidth.

When the discovery phase of the protocol returns an answer when it
shouldn't have, you have broken the protocol regardless of whether
it would ultimately succeed or not.  Additionally, no one has the
ability to foresee future needs.

I re-iterate.  Wildcard SRV records are a bad idea.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
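
The discovery problem raised in this message, as an added example that is not part of the original post or of any poster's code: a toy authoritative lookup that applies RFC 4592 wildcard synthesis to two constructed zones, one with a wildcard SRV and one with an explicit SRV. The zone contents, the function names and the _xmpp-client service used as the "unused protocol" are assumptions made for illustration.

```python
"""Toy authoritative lookup with RFC 4592 wildcard synthesis (added example)."""

ORIGIN = "example.com."  # constructed zone; every name and rdata is illustrative

# Zone A: one wildcard SRV meant to cover http for every name in the zone.
ZONE_WILDCARD = {
    "example.com.": {"NS": "ns.example.com."},
    "*.example.com.": {"SRV": "0 0 80 www.example.com."},
    "www.example.com.": {"A": "192.0.2.10"},
}

# Zone B: the same service published as an explicit SRV owner name.
ZONE_EXPLICIT = {
    "example.com.": {"NS": "ns.example.com."},
    "_http._tcp.example.com.": {"SRV": "0 0 80 www.example.com."},
    "www.example.com.": {"A": "192.0.2.10"},
}


def name_exists(zone, name):
    """A name exists if it owns records or is an empty non-terminal."""
    return any(o == name or o.endswith("." + name) for o in zone)


def lookup(zone, qname, qtype):
    """Return (rcode, rdata, synthesized); NOERROR with rdata None is NODATA."""
    qname = qname.lower()
    if not (qname == ORIGIN or qname.endswith("." + ORIGIN)):
        return ("REFUSED", None, False)
    if name_exists(zone, qname):
        # Existing names (including empty non-terminals) never match a wildcard.
        return ("NOERROR", zone.get(qname, {}).get(qtype), False)
    # Closest encloser: longest existing ancestor of qname (stops at ORIGIN).
    encloser = qname
    while not name_exists(zone, encloser):
        encloser = encloser.split(".", 1)[1]
    source = zone.get("*." + encloser)  # source of synthesis
    if source is None:
        return ("NXDOMAIN", None, False)
    return ("NOERROR", source.get(qtype), True)


def discover(zone, service, proto="tcp"):
    """SRV discovery query for _service._proto at the zone origin."""
    return lookup(zone, f"_{service}._{proto}.{ORIGIN}", "SRV")
```

With the wildcard zone, discovery for a service the domain never deployed gets the same port-80 SRV as http; with the explicit zone it gets NXDOMAIN, which is the signal a discovering client relies on.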