MSC1708: .well-known support for server name resolution #1708

Merged
merged 12 commits into from
Jan 14, 2019

richvdh
Member

@richvdh richvdh commented Nov 5, 2018

@richvdh richvdh added proposal-wip proposal A matrix spec change proposal labels Nov 5, 2018
@richvdh
Member Author

richvdh commented Nov 6, 2018

Thanks for the quick feedback @turt2live !

@richvdh richvdh moved this from To Do to In Progress: Planned Project Work in Superceded by https://github.com/orgs/matrix-org/projects/8 Nov 8, 2018
@richvdh richvdh self-assigned this Nov 8, 2018

@jcgruenhage
Contributor

A note on all the "let's look at what the rest of the world is doing": Apparently the IETF has decided that DNSSEC+DANE is not enough for SMTP, so they created MTA-STS, which is basically the same as this proposal, getting trust from .well-known.

Source: https://datatracker.ietf.org/doc/rfc8461/

Contributor

@jcgruenhage jcgruenhage left a comment

Since #1711 is very important and this spec change is considered a pre-requisite for it, I'll try to move forward here: I'd be in favour of matrix-sts (matrix-strict transport security), instead of this PR, based on RFC8461. The goal would not be to move the delegation out of DNS to .well-known, but to confirm it via .well-known. Does that sound like an okay option?

@richvdh
Member Author

richvdh commented Dec 11, 2018

@jcgruenhage it's certainly something worth considering. I'd need to be convinced it actually represents a material improvement over what's suggested here. I haven't been yet, and my questions would depend on how exactly you envision it working...

@mscbot
Collaborator

mscbot commented Jan 14, 2019

The final comment period, with a disposition to merge, as per the review above, is now complete.

@mscbot mscbot removed the final-comment-period This MSC has entered a final comment period in interest to approval, postpone, or delete in 5 days. label Jan 14, 2019
@turt2live turt2live merged commit fe4928c into master Jan 14, 2019
Superceded by https://github.com/orgs/matrix-org/projects/8 automation moved this from Review to Done - Operations Jan 14, 2019
@neilisfragile neilisfragile moved this from Done - Operations to Done - Planned Project in Superceded by https://github.com/orgs/matrix-org/projects/8 Jan 16, 2019
@richvdh richvdh removed their assignment Jan 17, 2019
turt2live added a commit that referenced this pull request Jan 31, 2019
Original proposals:
* #1708 (note: the JSON requirements were softened by #1824)
* #1711

Implementation proofs:
* matrix-org/synapse#4489
* No explicit PRs for MSC1711 could be found, however Synapse is known to implement it.

There are no intentional changes which differ from the proposals in this commit, however the author has relied upon various historical conversations outside of the proposals to gain the required context. Inaccuracies introduced by the author are purely accidental.
@rektide

rektide commented Mar 2, 2019

This spec violates RFC5785 Defining Well-Known Uniform Resource Identifiers (URIs) by claiming direct use of the /.well-known uri.

According to rfc5785,

> A well-known URI is a URI [RFC3986] whose path component begins with
> the characters "/.well-known/", and whose scheme is "HTTP", "HTTPS",
> or another scheme that has explicitly been specified to use well-
> known URIs.
>
> Applications that wish to mint new well-known URIs MUST register
> them, following the procedures in Section 5.1.
>
> For example, if an application registers the name 'example', the
> corresponding well-known URI on 'http://www.example.com/' would be
> 'http://www.example.com/.well-known/example'.

This specification should be updated to conform to acceptable use of the .well-known resource space defined by RFC5785. Instead of trying to serve Matrix's json document on /.well-known, it could perhaps instead serve on /.well-known/matrix, for example.

RFC5785 goes as far as to directly contradict the behavior MSC1708 opted for, in directly using /.well-known:

> Note that this specification does not define a format or media-type
> for the resource located at "/.well-known/" and clients should not
> expect a resource to exist at that location.

There should be no resource available on /.well-known.

Please update this specification to more respectfully cooperate & interoperate with other well-known resources a server might have. Claiming the /.well-known resource prevents this clean operation with others.

/cc @richvdh

@ara4n
Member

ara4n commented Mar 2, 2019

@rektide i’m failing to follow. this MSC only specs behaviour for the https://<server_name>/.well-known/matrix/server path?

@jcgruenhage
Contributor

afaict, the first point is valid, that document specifies that someone from the spec core team should write an email to those people over at IETF to get their approval. It is unfortunate that this concern has only been brought forward after this proposal has only landed in production though.

@rektide

rektide commented Mar 5, 2019

My apologies all. @ara4n is right. I misread these changes. This line backs up what @ara4n is saying, that this is for a /.well-known/matrix/server resource. The references to the .well-known resource in the specification threw me off a bit; I mistakenly thought /.well-known was the resource: this is not the case. Thanks all for the help & correction.

It would be good to get this particular well-known resource registered with IANA. 🤞

@ara4n
Member

ara4n commented Mar 5, 2019

np. have filed a bug at #1914 for that IANA dance.

@richvdh richvdh added merged A proposal whose PR has merged into the spec! and removed disposition-merge finished-final-comment-period proposal A matrix spec change proposal proposal-in-review labels Mar 6, 2019
@jryans jryans added the proposal A matrix spec change proposal label Mar 7, 2019
@turt2live turt2live added the kind:feature MSC for not-core and not-maintenance stuff label Apr 20, 2020
@afranke afranke deleted the rav/proposal/well-known-for-federation branch September 22, 2021 10:35
@richvdh
Member Author

richvdh commented Jan 7, 2022

For links: the order of SRV and .well-known lookups was changed by MSC1831.
