Re: [Uri-review] Proposed scheme registration: sdns (DNS stamps)

Ted Hardie <ted.ietf@gmail.com> Wed, 24 October 2018 16:32 UTC

Return-Path: <ted.ietf@gmail.com>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A4BD130E47 for <uri-review@ietfa.amsl.com>; Wed, 24 Oct 2018 09:32:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4IGoSdmIqsZU for <uri-review@ietfa.amsl.com>; Wed, 24 Oct 2018 09:32:24 -0700 (PDT)
Received: from mail-ot1-x334.google.com (mail-ot1-x334.google.com [IPv6:2607:f8b0:4864:20::334]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DF26E126DBF for <uri-review@ietf.org>; Wed, 24 Oct 2018 09:32:23 -0700 (PDT)
Received: by mail-ot1-x334.google.com with SMTP id c23so5637205otl.9 for <uri-review@ietf.org>; Wed, 24 Oct 2018 09:32:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=1351Y4PjG0A8c11WDyoZFLgSZiPg/dPJTIcfVjfNX7A=; b=tk5JdJZkIambX+vMGaQpdvA+NzqiYHOHOYYHRCrsfdIkILUbgPof6bX8qnHKcqztm3 Qn5Fzc+WhzUyoeIL8fm5GWWM0i6gP4g1Sr6eWVGFf7BWnOvDwPlNV1x3rRITkXTyS8JO 85+6JezkyWxDu/+BNsPLkOJKRURmo4jXe/chHCfBAclbtXr/TdFMITgZYdz+pWWMMOQw BBBVRaCR/g+2gRu0GTo/mTQ4wZQC8n3ADF/WuJOx/9ZQLtJnDfq27xD7rAe+bypjfdBi tHOtmDwr+CBKJueuEcbBFFDZ00fw6uBuzCGxgWVkk8ffQr3AY4wsx6sk38xqB6GjpsfK Xszw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1351Y4PjG0A8c11WDyoZFLgSZiPg/dPJTIcfVjfNX7A=; b=CBMq2kuxnQUZV6B1EViYIvBCjNyfagp/dZE4P+ZqcGIKAB7k9xzM3//XC9PumOMyVZ u5FlN2lOheWGvPOO0msROYfb2cJupu1UCe+c77pvvTRuThl/YcXDOAG9hmaRumI77qRu CCWSacW11kk2i0DL25F3VXIMQyleK2XfnnyQHj9yHSrcDs9DWr2fggquIKrzctlx+ut6 NfA2TPwVk97OlAQmzkLv6qI+1MVDKSLst3yXlCBzdKHyBq1ccp/F9yfCivb4yGMPkeHL SxexEAbWNiQ5cnkJYGJ/WHag+62Itbul5gUHwAXtbv1U9ItA4BzmAvjj33FWTe3Wm1/E dLqg==
X-Gm-Message-State: AGRZ1gJvE9TSh9hGmiMoK52+AcMAJs3Hp9FGBVzZiZByT1dOMU/2Q0WD P1sutVzR4xx8hDFQ9ATy31eXvlAtAIWsk3ujms5mvD5Q
X-Google-Smtp-Source: AJdET5d/HFuWG4cRpwJuL1RodfQpUDNM/pcrnQ6xWCOG09fhruR0PzaHqnXaKkYA+b5kUAm0EMHskaTlvXEKXU707cE=
X-Received: by 2002:a9d:7386:: with SMTP id j6mr2209380otk.188.1540398742983; Wed, 24 Oct 2018 09:32:22 -0700 (PDT)
MIME-Version: 1.0
References: <20181024155855.4v4s4lwov4luufrs@msync.c9x.org>
In-Reply-To: <20181024155855.4v4s4lwov4luufrs@msync.c9x.org>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Wed, 24 Oct 2018 09:31:55 -0700
Message-ID: <CA+9kkMAwX1uDguV43MgNbHdz8MyEE-kDa2+k=JmVFas+6=7p8A@mail.gmail.com>
To: ietf=40dnscrypt.info@dmarc.ietf.org
Cc: uri-review@ietf.org
Content-Type: multipart/alternative; boundary="000000000000e3575c0578fc079e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uri-review/WApcXkVcreGXRO_nD_sFsLbSzSc>
Subject: Re: [Uri-review] Proposed scheme registration: sdns (DNS stamps)
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uri-review/>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Oct 2018 16:32:27 -0000

Hi Frank,

Thanks for sending the proposal to the list.  A couple of high level
comments.

First, the syntax you present uses //, which doesn't seem to be correct to
me.  If I'm reading the specification correctly, the URL doesn't have a
hierarchical part and does not rely on an authority section (which is what
the // delimits in RFC 3986 syntax).

2nd, it's not clear in the description of addresses how they would be fed
into the algorithm you provide in some of the corner cases.  For example:

"addr is the IP address of the server. It can be an empty string, or just a
port number."  Is the port number represented with a preceding colon?

For IPv6 hosts which use [ and ] as delimeters, is the input URL-encoded
before being base64 encoded?  Are scopes permitted?

For hostname, the document says  that hostname is the server host name
which will also be used as a SNI name.  If the hostname uses one of the
IDNA characters outside the URL-permitted range, is it encoded with URL
encoding or punycode?

As a stylistic note, I think sdns is likely to be confused with the
existing dns scheme name, and I would suggest using "dns-stamps" for
additional clarity.

Thanks again for the opportunity to comment,

Ted Hardie


On Wed, Oct 24, 2018 at 9:00 AM Frank Denis <ietf=
40dnscrypt.info@dmarc.ietf.org>; wrote:

> Scheme name: sdns
>
> Status: Provisional
>
> Applications/protocols that use this scheme name: stub DNS resolvers and
> DNS proxies
>
> Contact: Frank Denis <ietf@dnscrypt.info>;
>
> Change controller: Frank Denis <ietf@dnscrypt.info>;
>
> References: https://dnscrypt.info/stamps-specifications/
>
> Scheme syntax: sdns://<base64 encoded parameters>
>
> Scheme semantics:
> The scheme is used to encode parameters required for a DNS client to
> securely connect to an upstream server, in a protocol-independent way.
>
> Encoding consideration:
> URIs are guaranteed to only contain characters from the URL-safe variant
> of Base64.
>
> Interoperability considerations: None
>
> Security considerations:
> Clients must verify the authenticity and integrity of URIs before using
> them.
>
> _______________________________________________
> Uri-review mailing list
> Uri-review@ietf.org
> https://www.ietf.org/mailman/listinfo/uri-review
>