Re: WG Review: DNS Over HTTPS (doh)


 



Hi,

On 9/21/17 12:54 AM, Adam Roach wrote:
> The issue with putting discovery in this charter is that it's the wrong community of interest and expertise for what you propose. I would imagine that this is the same reason that RFC3315bis is being done in DHC rather than V6OPS (although -- full disclosure -- that decision is a bit outside of what I tend to track).

The IETF has provenance over the DNS standards, and that ought not be so quickly relinquished.  That includes discovery, which we have covered in the past through mechanisms such as DHCP and RA.  We needn't be the only ones to speak on the subject nor need there be only a single method defined within IETF, but not speaking about it at all runs the risk of creating a massive mess for enterprise deployments, because if the wrong resolver is discovered, any number of functions commonly used in enterprises will break, not the least of which would be malware detection.  Perhaps enterprises could put up with that if they knew how to regain the capability, and that ties back to discovery (and scoping).

Within the IETF, because the group isn't formed, you can't say whether or not you have the correct community of interest engaged to do any of the work because you have bypassed the BoF process that asks important questions.  In fact, in this thread, apart from two people (myself and PHB), I'm not sure ANYONE outside the author or the IESG and IAB has actually stood up and said they're interested in this work.  But even putting that aside, because you haven't held a BoF, you don't really know whether or not you will have the right people in the room to handle discovery.  And people are having trouble answering THAT question because the goal is not clear (although mnot seems to have some notions which sound ok).

What bothers me about this discussion is that adding a DHCP option is not difficult, and the current operating model of the dhcp working group is that they don't do options, but leave that to other wgs.  And so you are creating a vacuum for this possibility through the exclusion clause in the charter.

I am not saying that the work has to be done all at once, by the way, or in one document.  The discussion on the IETF list demonstrates, if nothing else, that at least one clear theory of operation should also be documented.

Eliot

