Thorsten Glaser wrote this message on Thu, Feb 18, 2021 at 20:28 +0100: > On Thu, 18 Feb 2021, James Bottomley wrote: > > > > It???s still a level of indirection that isn???t traditionally used, and > ^^^^^^^^^^^^ > > > SRV is used as a requirement by several protocols today. Xmpp simply > ^^^^^ > > Do you see it? SRV records were defined in RFC2782, Feb 2000. SIP has been documented to use SRV records since June 2002: https://tools.ietf.org/html/rfc3263 XMPP has perfered using SRV since 2011 (RFC6120): https://tools.ietf.org/html/rfc6120#section-3.2.1 Just because **YOU** don't use it, doesn't mean that it isn't in wide deployment and use. I've been using SRV records for over 10 years now on my own domain: date: 2010/11/12 04:12:47; author: jmg; state: Exp; lines: +2 -2 fix SRV record.. required to point to an A record... and I've never had any issues with it either... It just works... as you can tell my initial setup didn't work, but this was a fix to a commit from 4 minutes earlier when I initially set it up.. > > > especially considering name resolution is not just DNS (think > > > /etc/hosts for example). > > > > /etc/host only resolves A and AAAA records, so it would have no impact > > on SRV records at all. > > That???s part of what makes me nervous. If foo.example.com has an SRV RR > and I add an entry for foo.example.com into /etc/hosts to temporarily > locally redirect it, does that mean the hosts entry will be ignored if > SRV RR usage is enabled? > > I can???t see where this will end up in anything other than sysadmin > tears. This is where ssh -v should be explicit and clear where it's getting the IP address and where it's connecting. If you're system is poorly configured, then yes, there will be issues w/ it, and option need to be available to detect it, and fix them as well. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
