I assume y'all have read RFC 6763...
Yes, and it leaves more questions than answers.
The question of whether SRV records work as an HTTP redirect or a DNS redirect is not considered. Nor is the interaction with TLS.
As a discovery technique _fred._http._tcp.example.com is an example of pointless hierarchy. _fred.example.com does the same job better. The decision to use HTTP protocol should be an outcome from the discovery process, not an input. Same for TCP but that is water under the bridge.
What it does nail down is that we should be using SRV and TXT.
On Tue, Nov 22, 2016 at 2:03 PM, Joe Touch <touch@xxxxxxx> wrote:
Hi, all,
I'm curious as well, esp. from the perspective of IANA ports.
IMO, HTTP is missing two key capabilities:
- a portmapper service, like RPC (yes, this could be mDNS, basically)
- a coordination service, to allow processes to register to handle subtrees of the URN namespace while sharing a port
The second is actually a platform feature on Windows, has been since Vista.
Processes can register for HTTP subtrees in the exact same manner as ports only with the advantage that unlike ports, they are controlled using ACLs.
The first is something I have actually built but that just adds another layer of indirection. Basically, all of my protocols use multilayer security. I don't choose between TLS and end-to-end, I use both. I also use data level encryption.
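
The ACL-controlled HTTP subtree registration mentioned in the reply above can be audited from the command line. This is an added example, not part of the original thread: it assumes the feature referred to is the Windows HTTP Server API URL reservation list shown by `netsh http show urlacl`, and it parses a constructed sample of that output (English-locale labels assumed) to flag subtrees that broad principals may bind.

```powershell
# Constructed sample of `netsh http show urlacl` output (not captured from a real host).
$sample = @'
URL Reservations:
-----------------

    Reserved URL            : http://+:8080/inventory/
        User: NT AUTHORITY\NETWORK SERVICE
            Listen: Yes
            Delegate: No
            SDDL: D:(A;;GX;;;NS)

    Reserved URL            : http://+:8080/reports/
        User: \Everyone
            Listen: Yes
            Delegate: No
            SDDL: D:(A;;GX;;;WD)
'@

# Hypothetical helper: turn the text listing into one object per reserved subtree.
function Get-UrlReservation {
    param([string[]]$Lines)
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*Reserved URL\s*:\s*(\S+)') {
            if ($current) { $current }          # emit the previous reservation
            $current = [pscustomobject]@{ Url = $Matches[1]; Users = @(); Sddl = $null }
        } elseif ($current -and $line -match '^\s*User:\s*(.+?)\s*$') {
            $current.Users += $Matches[1]
        } elseif ($current -and $line -match '^\s*SDDL:\s*(\S+)') {
            $current.Sddl = $Matches[1]
        }
    }
    if ($current) { $current }                  # emit the last reservation
}

# SDDL aliases for Everyone, Builtin Users, Authenticated Users, Interactive.
$broad = 'WD', 'BU', 'AU', 'IU'

# On a live host, use instead: $lines = netsh http show urlacl
$lines = $sample -split "`r?`n"

foreach ($r in Get-UrlReservation -Lines $lines) {
    $hits = @($broad | Where-Object { $r.Sddl -match (';;;{0}\)' -f $_) })
    [pscustomobject]@{
        Url        = $r.Url
        Users      = $r.Users -join ', '
        BroadGrant = ($hits.Count -gt 0)        # True: nearly any local process can register here
    }
}
```

On the sample, `/inventory/` is reported with `BroadGrant` False and `/reports/` with True, since its ACL grants the subtree to Everyone.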