[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05

Network Working Group                                        C. Jennings
Internet-Draft                                             Cisco Systems
Intended status:  Informational                            March 7, 2009
Expires:  September 8, 2009


                        DNS SRV Records for HTTP
                       draft-jennings-http-srv-05

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.  This document may contain material
   from IETF Documents or IETF Contributions published or made publicly
   available before November 10, 2008.  The person(s) controlling the
   copyright in some of this material may not have granted the IETF
   Trust the right to allow modifications of such material outside the
   IETF Standards Process.  Without obtaining an adequate license from
   the person(s) controlling the copyright in such materials, this
   document may not be modified outside the IETF Standards Process, and
   derivative works of it may not be created outside the IETF Standards
   Process, except to format it for publication as an RFC or to
   translate it into languages other than English.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on September 8, 2009.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal



Jennings                Expires September 8, 2009               [Page 1]


Internet-Draft                  HTTP SRV                      March 2009


   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Abstract

   This document specifies a new URI scheme called http+srv which uses a
   DNS SRV lookup to locate a HTTP server.  The http+srv scheme operates
   in the same way as an http scheme but instead of the normal DNS
   lookup that a http scheme would use, it first tries an DNS SRV
   lookup.  This memo also defines a https+srv scheme that operates in
   the same was as an https URI but uses DNS SRV lookups.

   The draft is being discussed on the apps-discuss@ietf.org list.

Legal

   This documents and the information contained therein are provided on
   an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
   REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
   IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
   WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
   WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE
   ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
   FOR A PARTICULAR PURPOSE.


1.  Introduction

   Web services often define APIs where software running on machine in a
   data center acts as an HTTP client and performs some http
   transactions to another HTTP server.  For example, a portal such as
   Facebook can act as a http client and call specific HTTP-based APIs
   on other http servers.  The reality of current networks is a large
   portion of the hosts have NATed addresses and often can not run on
   port 80.  This is likely to become more common with the deployment of
   Carrier Grade NAT.  DNS SRV records allow a DNS lookup of a name like
   www.example.com to provide both a port and the IP addresses of the
   HTTP server.

   This specification defines two new URI schemes, http+srv, and https+
   srv which are like http and https respectively.  When a http client
   uses one of theses schemes to locate a web server, it starts by doing
   a DNS SRV record lookup and if one is found, uses that result.  If no
   SRV record is found, it falls back to a DNS address (A or AAAA)
   record.  The specification does not update or modify HTTP in any way.




Jennings                Expires September 8, 2009               [Page 2]


Internet-Draft                  HTTP SRV                      March 2009


   It is not expected that most web browsers would support these schemes
   for generic web use.  It would instead be used for particular
   applications using HTTP such as specific web APIs.  These APIs would
   be defined to require the use of this specification.  In this
   situation, the end user's web browser might not do the SRV lookup
   when it browsed to the portal web pages, but the HTTP calls that the
   portal made out to other sites to generate the content would use this
   mechanism.  As such architectures become more common, DNS SRV would
   allow many servers that are just providing an API to run on ports
   other than 80 even though main portal sites may still be running on
   the well known ports.  Eventually, web browsers may end up supporting
   these SRV lookups, as the implementation is trivial and has very
   little downside.

   This technique is useful where users wish to run a web server behind
   a NAT but cannot control which port the NAT will allocate for the
   service.  It is also useful where several users want to run different
   web servers on the same machine.  A third use case for HTTP SRV is a
   situation in which all requests should be sent to a primary server,
   but if that server is down, then requests should fall back to an
   alternative server.


2.  Open Issues

   The big open issue seems to be if one should just update the HTTP
   scheme to do this SRV lookup and not create a new scheme.  The 00
   version of this draft did that.  A new scheme makes this somewhat
   unusable for general web surfing while using the old scheme results
   in a very long transition times where different clients resolve URLs
   in different ways.


3.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].


4.  Mechanisms

   Applications compliant with this specification MUST perform an SRV
   lookup as specified in [RFC2782] when resolving the host portion of a
   http+srv or https+srv URI.  As defined in the IANA port numbers
   registry, the service names used are _http and _https respectively.
   As described in RFC 2782, if no SRV record is present, the resolution
   will fall back on using other DNS records that would be used by a



Jennings                Expires September 8, 2009               [Page 3]


Internet-Draft                  HTTP SRV                      March 2009


   http scheme as defined in HTTP[RFC2616].  The rest of the http+srv
   URI is processed in the same way as an http URI in RFC 2616 while the
   rest of a https+srv scheme URI is processed the same way as a https
   URI as defined in [RFC2818].


5.  Example

   In the following example, the client will do a lookup on the URI,
   which finds the SRV record that then points at the A record that
   points at the IP address.

   URI: https+srv://example.com
   DNS SRV RR: _https._tcp.example.com. SRV 1 0 8080 host1.example.com.
   DNS A RR:   host1.example.com.       A   192.0.2.88

                                 Figure 1

   In this case the client would form a TCP connection to 192.0.2.88:
   8080 then start TLS over that connection.  Note that the certificate
   in the TLS handshake would be matched to example.com as that was the
   names used in the URI and it would not be matched to
   host1.example.com.


6.  IANA Considerations

   This specification registers two provisional URI schemes.

6.1.  http+srv URI scheme

   URI scheme name:

      http+srv

   Status:

      provisional

   URI scheme syntax:

      Identical to http URI as defined in RFC 2616 but using the 'http+
      srv' protocol identifier in place of the 'http' protocol
      identifier







Jennings                Expires September 8, 2009               [Page 4]


Internet-Draft                  HTTP SRV                      March 2009


   URI scheme semantics:

      See draft-jennings-http-srv

   Encoding considerations:

      No special considerations

   Applications/protocols that use this URI scheme name:

      Applications which need to lookup http servers using DNS SRV

   Interoperability considerations.:

      None known

   Security considerations.:

      Same as http URI.  See RFC 2616

   Contact.:

      Cullen Jennings <fluffy@cisco.com>

   Author/Change controller.:

      Cullen Jennings <fluffy@cisco.com>

    References.:

      draft-jennings-http-srv

      RFC 3986

      RFC 2616

6.2.  https+srv URI scheme

   URI scheme name:

      https+srv

   Status:

      provisional






Jennings                Expires September 8, 2009               [Page 5]


Internet-Draft                  HTTP SRV                      March 2009


   URI scheme syntax:

      Identical to http URI as defined in RFC 2818 but using the 'https+
      srv' protocol identifier in place of the 'https' protocol
      identifier

   URI scheme semantics:

      See draft-jennings-http-srv

   Encoding considerations:

      No special considerations

   Applications/protocols that use this URI scheme name:

      Applications which need to lookup http servers using DNS SRV

   Interoperability considerations.:

      None known

   Security considerations.:

      Same as https URI.  See RFC 2818

   Contact.:

      Cullen Jennings <fluffy@cisco.com>

   Author/Change controller.:

      Cullen Jennings <fluffy@cisco.com>

    References.:

      draft-jennings-http-srv

      RFC 3986

      RFC 2818


7.  Security Considerations

   This introduces no new security considerations beyond the common
   usage of HTTP.  It is analogous to DNS CNAME records that redirect
   address records.



Jennings                Expires September 8, 2009               [Page 6]


Internet-Draft                  HTTP SRV                      March 2009


8.  Acknowledgements

   Variants of this idea has been proposed by many people, including
   Mark Andrews and Thor Kottelin in an internet draft in 2000.  A
   related draft[wood-tae-specifying-uri-transports] discusses selecting
   SCTP for HTTP.

   Some text came from various documents by Ted Hardie.  Thanks to good
   feedback from many people including Ted Hardie, S. Moonesamy, Cyrus
   Daboo, Stefanos Harhalakis, Ray Bellis, John Klensin, and Eran
   Hammer-Lahav.


9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

   [RFC2782]  Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
              specifying the location of services (DNS SRV)", RFC 2782,
              February 2000.

   [RFC2818]  Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

9.2.  Informative References

   [wood-tae-specifying-uri-transports]
              Wood, L., "Specifying transport mechanisms for retrieval
              or delivery of URIs",
              draft-wood-tae-specifying-uri-transports-01 (work in
              progress), December 2008.














Jennings                Expires September 8, 2009               [Page 7]


Internet-Draft                  HTTP SRV                      March 2009


Author's Address

   Cullen Jennings
   Cisco Systems
   170 West Tasman Drive
   Mailstop SJC-30
   San Jose, CA  95134
   USA

   Phone:  +1 408 902-3341
   Email:  fluffy@cisco.com








































Jennings                Expires September 8, 2009               [Page 8]


Html markup produced by rfcmarkup 1.129c, available from https://tools.ietf.org/tools/rfcmarkup/