Re: Link-local connectivity in Web browsers from Michael Sweet on 2024-02-21 (ietf-http-wg@w3.org from January to March 2024)

From: Michael Sweet <msweet@msweet.org>
Date: Wed, 21 Feb 2024 08:24:20 -0500
To: David Schinazi <dschinazi.ietf@gmail.com>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <AA46BAE0-EEC9-4985-AEFC-DF2423C9E582@msweet.org>

David,

I am neutral about this draft, mainly because it assumes that mDNS will always work and side-steps the very real multiple interface + mDNS issues.

It also is missing the IETF URI WG's first efforts (never adopted but historically relevant):

    https://datatracker.ietf.org/doc/draft-fenner-literal-zone/

Finally, nothing prevents X.509 certificates from being used for mDNS hostnames. The issue is having a suitable trust anchor/CA, which is the focus of the following draft:

    https://datatracker.ietf.org/doc/draft-sweet-iot-acme/

WRT specific guidance about IPv6LL alternatives:

1. mDNS hostnames are generally a useful solution, with the caveat that the network needs to support multicast traffic and the hostnames should include unique identifiers such as MAC addresses to minimize the chances that you'd get duplicate hostnames on different interfaces. And aside from the multiple-interface scenario, there is also the roaming scenario to consider ("router.local" on different networks as you move from place to place).

2. Locally-Unique Addresses (ULAs) can be assigned automatically and are better supported by the various client OS's than the RFC 4007 default scope for link-local addresses.

> On Feb 20, 2024, at 11:53 PM, David Schinazi <dschinazi.ietf@gmail.com> wrote:
> 
> Hi HTTP enthusiasts,
> 
> [I'm creating a separate thread from [1] to avoid further cross-posting.]
> 
> Some of you might have seen various discussions around the use of IPv6 link-local addresses (such as fe80::1234%eth0) in Web browsers. In particular, RFC 6874 had added a way to represent these addresses in URIs. I wasn't involved back then but the published RFC ended up being something that was quite complex to implement safely in browsers, so it didn't get wide support. More recently, draft-ietf-6man-rfc6874bis attempted to create a new URI format for such addresses. Oddly, I didn't see it ever discussed on this list. That draft had other issues in terms of how it handled the Web security model, and ultimately there hasn't been consensus to publish it.
> 
> I think it would be great for us to obsolete RFC 6874 and instead recommend a solution that already works with every browser today: mDNS. So I wrote a draft that does that:
> 
> https://datatracker.ietf.org/doc/draft-schinazi-httpbis-link-local-uri-bcp/
> 
> I'd love to get your thoughts on it!
> 
> Thanks,
> David
> 
> 
> [1] https://lists.w3.org/Archives/Public/ietf-http-wg/2024JanMar/0111.html

________________________
Michael Sweet

Received on Wednesday, 21 February 2024 13:24:37 UTC