Re: [pcp] DNS Indirection

"Dan Wing" <dwing@cisco.com> Fri, 18 February 2011 18:57 UTC

From: Dan Wing <dwing@cisco.com>
To: mohamed.boucadair@orange-ftgroup.com, pcp@ietf.org
Date: Fri, 18 Feb 2011 10:57:29 -0800
Subject: Re: [pcp] DNS Indirection

> -----Original Message-----
> From: pcp-bounces@ietf.org [mailto:pcp-bounces@ietf.org] On Behalf Of
> mohamed.boucadair@orange-ftgroup.com
> Sent: Thursday, February 17, 2011 11:43 PM
> To: pcp@ietf.org
> Subject: [pcp] DNS Indirection
> 
> Dear all,
> 
> We would like to have feedback about an open question we have in
> http://tools.ietf.org/html/draft-bpw-pcp-dhcp-02 (Section 5.2):
> 
>       [Ed.  Is there a value to consider a level of indirection (e.g.,
>       SRV)? (1) to use an arbitrary port number for PCP Server instead
>       of the default port, (2) detect whether a security channel is in
>       use (using the transport protocol)]
> 
> The current text assumes there is no indirection.

There is value in SRV.  But there is additional complexity and additional
failure modes.  To my knowledge the only (relatively) widely deployed
application that uses SRV in real life is XMPP.  Just last year, Cisco 
bumped into a bug where our devices borked SRV responses that were 
longer than expected.  (1) would be neat to have, but I am not convinced
we necessarily need it.  (2) can be done without SRV; lots of protocols
without SRV already negotiate or force upgrading to a secure channel.

I vote for K.I.S.S.  That is, don't do SRV.

-d