NNPS / TCP port 433

Grant Taylor gtaylor at tnetconsulting.net
Sun Dec 12 17:57:14 UTC 2021 

On 12/11/21 12:57 PM, Julien ÉLIE wrote:
> Making use of SRV records in DNS may be a useful use case for that 
> scenario.

Pursuant to this (sub)thread I spent some time reading a bout Service 
Bindings (SVCB) records [1] to compare and contrast against Service 
(SRV) records.

N.B.  The following is based on my loose understanding of SVCB records. 
It could be wrong or things could change before ratification.

In short, I think that SVCB records /might/ have a little bit of an 
advantage over SRV records.  Mostly in that SVCB directly intends to 
support different protocols across the same service name.

First, the high level overview of SVCB records.

    [[_<port>.]_<scheme>.]<service>.<domain>.<tld>   <TTL>   IN   SVCB 
<SvcPriority>   <TargetName>   <SvcParameters>

Note:
1)  _<scheme> is optional.
2)  _<port> is optional, but requires _<scheme>.

As such, I think that the following would be the SVCB counterpart for 
the _mail._tcp example I shared a little bit ago.

    mail   SVCB   1   imaps.example.net.   alpn=imaps
    mail   SVCB   2   pop3s.example.net.   alpn=pop3s
    mail   SVCB   3   imap.example.net.    alpn=imap
    mail   SVCB   4   pop3.example.net.    alpn=pop3

Additional records to add priority within each given target.

    imaps   SVCB   1   imaps-pri.example.net.   alpn=imaps port=993
    imaps   SVCB   2   imaps-alt.example.net.   alpn=imaps port=10993
    pop3s   SVCB   1   pop3s-pri.example.net.   alpn=pop3s port=995
    pop3s   SVCB   2   pop3s-alt.example.net.   alpn=pop3s port=10995
    imap    SVCB   1   imap-pri.example.net.    alpn=imap port=143
    imap    SVCB   2   imap-alt.example.net.    alpn=imap port=10143
    pop3    SVCB   1   pop3-pri.example.net.    alpn=pop3 port=110
    pop3    SVCB   2   pop3-alt.example.net.    alpn=pop3 port=10110

Note:  The <SvcParameters> options can (but don't have to) specify 
various options, including the port and / or the protocol; IMAPS / POP3S 
/ IMAP / POP3.

The thing that I /think/ that I prefer of SVCB is the inherent use of a 
/single/ service name / QNAME that spans multiple protocols (via the 
`alpn` SvcParameter).

[1] Service binding and parameter specification via the DNS (DNS SVCB 
and HTTPS RRs) - 
https://www.ietf.org/archive/id/draft-ietf-dnsop-svcb-https-03.html



-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/inn-workers/attachments/20211212/40dd27b6/attachment-0001.bin>

More information about the inn-workers mailing list