On Mon, Feb 25, 2019 at 11:04:31AM -0500, Michael Richardson wrote: > > Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> wrote: > > I think that the IETF already has the answer to the problem you are raising. > > But it is spread out so that while the existing standards essentially > > constrain the space, there is no RFC that puts them together and so I wrote > > one myself: > > > https://tools.ietf.org/html/draft-hallambaker-web-service-discovery-00 > > > This has expired but will be replaced in a few hours time. I am in fact > > updating the whole document set right now. > > okay, I see it now, and I'll read it. > > > So my response to Michael is that you don't want your version numbers in the . > > well-known path, you want them in the DNS records because then they can be > > used to select the host to connect to according to capabilities. > > Interesting. I think that I agree. If you're not careful though you might end up having to do a large number of DNS lookups for discovery. That seems OK when you have only one version, and you don't notice. Then you start having various alternatives (e.g., different protocol choices) encoded in DNS. Then you add a version and suddenly realize there's a cartesian product in the discovery protocol. Kerberos has this problem. It sucks. It limits protocol evolution. I would prefer a discovery mechanism where you use SRV, TXT, or URI RRs to discover a service set where you can use HTTP for the remainder of the discovery process. So, lookup _fooapp._discovery.$DOMAIN, use this to find N servers and a URI local-part fragment (or else use a /.well-known URI local-part?), then go GET /fooapp/discovery at any one of them, which should be a static JSON/XML/whatever description of everything else you need. > > Lets say we have 10 hosts and we are upgrading them to a new version of the > > spec over a two year period (licenses sometimes cost money, people always > > do). So we might upgrade 2 hosts to start with and advertise the fact with > > host specific TXT records. See above. I'd rather do a single DNS lookup[*], GET a single static resource from one of the services found via DNS, and find the "these {8 hosts} use version 1, while {these 2 hosts} use versions {1, 2}" information there. [*] Well, it's more than one lookup, but one for the discovery RRs, and one to resolve each service authority domainname. But what I really don't want is to have to do these lookups: _fooapp._http1.$DOMAIN _fooapp._http2.$DOMAIN _fooapp._http3.$DOMAIN and then realize we need a version negotiation and end up with NxM lookups for _$versionappname._$protocol.$DOMAIN Yeah, you can do these lookups concurrently, but you still need to wait for the most-preferred RRset back. It's a lot of work compared to any scheme with just one DNS discovery query. Nico --