Re: [DNSOP] SRV and HTTP

> > On 11 Jul 2018, at 11:30 am, Mark Andrews <marka@isc.org> wrote:
> >
> > > > On 11 Jul 2018, at 3:55 am, Joe Abley <jabley@hopcount.ca> wrote:
> > > >
> > > > *cups hand to ear*
> > > > 
> > > > Was that the sound of a distant desire to specify use of SRV for
> > > > HTTP?
> > 
> > I think there are three main objections.
> > 
> > 1) Wildcards don’t work with prefixes.
> > 2) Additional data isn’t always returned it may require multiple round trips.
> > 3) Additional data processing doesn’t support negative responses.
> > 
> > All of these issues are trivially easy to fix.  It just require willingness to implement.
> > 
> > 1) is addressed by defining a new type(s) rather than using prefixes.

While that is correct, and truly, it is trivial to implement, it is not
trivial to deploy: too many DNS hosting providers would have to update
UIs.

Let me add my voice in favor of new RR types by which to replace SRV
RRs.  URI is one of them, for the sorts of things we do in Kerberos for
KDC discovery, but no really appropriate for resolving HTTP authorities.

> > 2) is addressed by getting recursive servers to fill in missing additional data before returning.  Named has code in review for this for SRV as proof of concept.

That would be very nice indeed.  Unbound will need that too.

> > 3) is addressed by adding some signalling between the client and recursive server to indicate if the additional section is complete or not.

Well, OK, but as with (2) that requires recursive resolver critical
mass.  Not necessarily a big deal, though it will take enough time that
many apps will need to support falling back to doing multiple queries
one by one.

Nico
-- 

Received on Wednesday, 11 July 2018 21:24:57 UTC