Re: [tae] New draft: announcing the supported transports via DNS
"Dan Wing" <dwing@cisco.com> Mon, 05 October 2009 17:44 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: tae@core3.amsl.com
Delivered-To: tae@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EB5963A6A14 for <tae@core3.amsl.com>; Mon, 5 Oct 2009 10:44:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.498
X-Spam-Level:
X-Spam-Status: No, score=-6.498 tagged_above=-999 required=5 tests=[AWL=0.101, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X9o0vgAGX0g1 for <tae@core3.amsl.com>; Mon, 5 Oct 2009 10:44:16 -0700 (PDT)
Received: from sj-iport-2.cisco.com (sj-iport-2.cisco.com [171.71.176.71]) by core3.amsl.com (Postfix) with ESMTP id 398043A69A4 for <tae@ietf.org>; Mon, 5 Oct 2009 10:44:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=dwing@cisco.com; l=5388; q=dns/txt; s=sjiport02001; t=1254764751; x=1255974351; h=from:sender:reply-to:subject:date:message-id:to:cc: mime-version:content-transfer-encoding:content-id: content-description:resent-date:resent-from:resent-sender: resent-to:resent-cc:resent-message-id:in-reply-to: references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:list-owner:list-archive; z=From:=20"Dan=20Wing"=20<dwing@cisco.com>|Subject:=20RE: =20[tae]=20New=20draft:=20announcing=20the=20supported=20 transports=20via=20DNS|Date:=20Mon,=205=20Oct=202009=2010 :45:44=20-0700|Message-ID:=20<038301ca45e3$aa7ad5b0$c2f02 00a@cisco.com>|To:=20"'Joe=20Touch'"=20<touch@ISI.EDU>, =20<ayourtch@cisco.com>|Cc:=20<tae@ietf.org> |MIME-Version:=201.0|Content-Transfer-Encoding:=207bit |In-Reply-To:=20<4AC9F478.6080308@isi.edu>|References:=20 <Pine.LNX.4.64.0909180057060.5479@zippy.stdio.be>=09<77F0 974F-62CD-411C-96D3-C29E6D872DEA@asomi.com>=09<Pine.LNX.4 .64.0910010305520.3645@zippy.stdio.be>=09<4AC60448.205050 7@isi.edu><Pine.LNX.4.64.0910050457450.6309@zippy.stdio.b e>=20<4AC9F478.6080308@isi.edu>; bh=++dGQ+okPTwLXPXuBNF9pc/4dX9jW3IOqHiPatRWf7o=; b=BzC/1n0tNLpuTazap9wjzR4Uld935AgCPpgU/aJpDnrdewNjGfENJDan z2WAwRaVQlFvnXA7MKqPkG8JJM4ee+3J3Pj/qvogd4AprcbbxWhURqSrd VRsKQ55WSzXiI31n6FsduwEyQRMaBQqjy5EMZn8DtJiiLgmJ25vygt/NB o=;
Authentication-Results: sj-iport-2.cisco.com; dkim=pass (signature verified [TEST]) header.i=dwing@cisco.com
X-IronPort-AV: E=Sophos;i="4.44,507,1249257600"; d="scan'208";a="211179954"
Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-2.cisco.com with ESMTP; 05 Oct 2009 17:45:50 +0000
Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id n95HjoIC009697; Mon, 5 Oct 2009 10:45:50 -0700
Received: from xbh-rtp-211.amer.cisco.com (xbh-rtp-211.cisco.com [64.102.31.102]) by sj-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id n95Hhx6m023123; Mon, 5 Oct 2009 17:45:50 GMT
Received: from xfe-rtp-202.amer.cisco.com ([64.102.31.21]) by xbh-rtp-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 5 Oct 2009 13:45:45 -0400
Received: from dwingwxp01 ([10.32.240.194]) by xfe-rtp-202.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 5 Oct 2009 13:45:45 -0400
From: Dan Wing <dwing@cisco.com>
To: 'Joe Touch' <touch@ISI.EDU>, ayourtch@cisco.com
References: <Pine.LNX.4.64.0909180057060.5479@zippy.stdio.be> <77F0974F-62CD-411C-96D3-C29E6D872DEA@asomi.com> <Pine.LNX.4.64.0910010305520.3645@zippy.stdio.be> <4AC60448.2050507@isi.edu><Pine.LNX.4.64.0910050457450.6309@zippy.stdio.be> <4AC9F478.6080308@isi.edu>
Date: Mon, 05 Oct 2009 10:45:44 -0700
Message-ID: <038301ca45e3$aa7ad5b0$c2f0200a@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: AcpFv8dngAlogiJ3QUm0nGu0FWDWlgAIqokA
In-Reply-To: <4AC9F478.6080308@isi.edu>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3350
X-OriginalArrivalTime: 05 Oct 2009 17:45:45.0267 (UTC) FILETIME=[AA6D6830:01CA45E3]
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=5388; t=1254764750; x=1255628750; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=dwing@cisco.com; z=From:=20=22Dan=20Wing=22=20<dwing@cisco.com> |Subject:=20RE=3A=20[tae]=20New=20draft=3A=20announcing=20t he=20supported=20transports=20via=20DNS |Sender:=20; bh=++dGQ+okPTwLXPXuBNF9pc/4dX9jW3IOqHiPatRWf7o=; b=gZ13ALapPXFrcFvWnHIOyDjLXOYjYDACgL327kDa++ol/4U+Z/aED6Rnj5 hPYp7KyvLvMOwbADsWie/Yi0Da+Lcb9vSyUy9o6Fb4DttFA34HPzoEl3JXWD 19QIAYYcdG;
Cc: tae@ietf.org
Subject: Re: [tae] New draft: announcing the supported transports via DNS
X-BeenThere: tae@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Transport Architecture Evolution <tae.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tae>, <mailto:tae-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tae>
List-Post: <mailto:tae@ietf.org>
List-Help: <mailto:tae-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tae>, <mailto:tae-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2009 17:44:18 -0000
> -----Original Message----- > From: tae-bounces@ietf.org [mailto:tae-bounces@ietf.org] On > Behalf Of Joe Touch > Sent: Monday, October 05, 2009 6:28 AM > To: ayourtch@cisco.com > Cc: tae@ietf.org > Subject: Re: [tae] New draft: announcing the supported > transports via DNS > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > Andrew Yourtchenko wrote: > > > > > > On Fri, 2 Oct 2009, Joe Touch wrote: > > > >> -----BEGIN PGP SIGNED MESSAGE----- > >> Hash: SHA1 > >> > >> Some comments below... > >> > >> Andrew Yourtchenko wrote: > >> ... > >>> Also, if we assume "evil middlebox" in the middle, that > decides to drop > >>> this new option, we will have a TCP connection that would > not succeed, > >>> so then still there needs to be a fallback to "plain TCP". > >>> > >>> That's one of the rationales of bringing up the use of > DNS in lieu of a > >>> in-band selection in general - we would still need to be able to > >>> fallback to probing in the worst case (how frequent is > the worst case > >>> would of course need some more investigation). > >> > >> Use of the DNS is problematic on many levels: > >> > >> - - many users have IP addresses they don't control, e.g., > assigned by an > >> ISP, and those ISPs don't offer the ability to register > services with > >> their DNS > > > > Use one of the dynamic DNS services. They exist and work > well for the > > dynamic addresses. The ISP who assigns the IP has not much > to do with > > the forward DNS resolution. > > There are numerous applications that use reverse DNS for verification, > e.g., HTTP name-based access, SSL, etc. Users don't have control over > reverse DNS. Agreed. But how is reverse DNS authentication relevant to selection of a transport protocol? > >> - - you're involving a third party in a two-party problem > > > > It's not a two-party problem - at a minimum because the > policy/protocol > > support on the nodes inbetween will influence the odds of > being able to > > run a new transport. > > Endpoints determine the meaning of a protocol. I can format messages > that look like UDP, and have the endpoints parse them as TCP if I want > - -- e.g., by having the endpoints interpret the transport protocol > numbers accordingly. Intermediate points can think they know what's > going on, and either try to help, block, or whatever, but they can be > fooled. > > I'm also considering other issues - first-contact delay, fault > tolerance, etc. Involving a DNS node on the other side of the > planet in > a shakey ISP might not be in the best interest of the two > endpoints of a connection. draft-wood-tae-specifying-uri-transports meets those requirements, at least as I understand what you have described in this email. > >> - - you still have a bootstrapping problem -- by what > transport do you > >> talk to the DNS? > > > > I already know the addresses of the DNS servers. I know the default > > transport will work. > > Why? Why should DNS have a default transport? > > I know my hosts's domain. Hence I can resolve the > > hostnames of my DNS servers. Hence I can lookup the > transport record, > > and see if they offer something more, that I could try - > keeping in mind > > that it is a suggestion and not an imperative. If it does not work I > > fall back onto using the default transport. > > Hmm. So you can try a default to the DNS, and ask *it* for other > suggestions if it supports them. > > Why isn't this good enough for the two endpoints as well? > > >> - if you solve that for DNS, why not use that solution at the > >> endpoint? > >> > > > > See above. It works, because the lowest common denominator is always > > available. So the DNS can work both for the "upgrade" of > the DNS and on > > the endpoints for the suggestions about the new transports. > > First, the DNS is not always available or desirable. > > Second, if you solve this for the DNS, you can use a similar solution > directly between the endpoints without involving the DNS. > > Third, if you force all endpoints to support a default > transport to talk > to the DNS, you have a default transport to talk to all other > endpoints anyway. I sure would like to see your straw man proposal, because I cannot fathom how you would accomplish this feat. -d > ... > >> It sounds like you've talked yourself out of using the > DNS, or mostly > >> so. Is that the case? > > > > No. What I am saying is that there is a place for both approaches. > > > > In any case, would be interesting to know what constructive > suggestions > > would you have on this topic ? > > > > TCP option "let's kickstart a negotiation for a different > protocol" ? > > How about a SYN for a new protocol that has room for negotiating other > transports? (I see no need - or, as importantly, room, for doing this > inside TCP SYN option space). > > Joe > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > > iEYEARECAAYFAkrJ9HgACgkQE5f5cImnZrvZkgCfcpAWc0DT/uRyvZ/Db51Cn77b > aLcAoO6kLdO8LAPrwynC47OJGIa9siCY > =cKDO > -----END PGP SIGNATURE----- > _______________________________________________ > tae mailing list > tae@ietf.org > https://www.ietf.org/mailman/listinfo/tae >
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- [tae] New draft: announcing the supported transpo… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Melinda Shore
- Re: [tae] New draft: announcing the supported tra… Michael Welzl
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Caitlin Bestler
- Re: [tae] New draft: announcing the supported tra… Michael Welzl
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing
- Re: [tae] New draft: announcing the supported tra… Andrew Yourtchenko
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Joe Touch
- Re: [tae] New draft: announcing the supported tra… Dan Wing