Hi Josh, Yes, the PvD file carries configuration metadata about a network access in general, and this extension allows it to carry proxy details. When asking a proxy server for its own PvD, that lets it tell you more about which proxy protocols it supports and their locations. When asking a network for its PvD, that can allow the network to indicate which proxies are associated with the network.
With regards to the domain lists, totally agreed that adding exclusion sets would be good. That could be easily added as a key! Best, Tommy > On Mar 5, 2024, at 10:23 AM, Josh Cohen <[email protected]> wrote: > > Hi Tommy, Dragana, > > As I'm getting my head wrapped around this proposal, is it fair to view it > as a metadata endpoint for a proxy server? Sort of like a richer OPTIONS > that doesn’t get forwarded by the proxy? > > WRT Split DNS: > > > When present in a PvD Additional Information dictionary that is retrieved > > for a proxy as described in Section 2 > > <https://www.ietf.org/archive/id/draft-pauly-intarea-proxy-config-pvd-02.html#proxy-pvd>, > > domains in > > the dnsZones array indicate specific zones that are accessible using the > > proxy. If a hostname is not included in the > > enumerated zones, then a client SHOULD assume that the hostname will not be > > accessible through the proxy. > > This is great. It is an "inclusion" set, but what about an "exclusion" set? > Eg "use me for everything on the web, except the following internal > domains" > > This will be essential for situations where PVD is used as a replacement for > the JavaScript PAC file, that is discovered through WPAD(NG) or elsewhere. > > With the increasing deployment of IoT devices, they will eventually find > themselves needing to use a proxy server, especially if they are inside an > enterprise. > > Microcontrollers such as Arduino class devices, ESP32 etc, are powerful > enough to act as web clients and servers. However, running a JS engine to > parse the PAC file may require space and computing power that dwarfs that for > the device functionality itself. Eg "I am just a temperature sensor! Why do > I need a JS engine?" > > On the other hand, there are a plethora of Arduino libraries to parse JSON. > > WPAD OG was designed 20 years ago in Web dinosaur times. We now have an > opportunity to have IoT and other devices start off with a more modern, > efficient and secure format, which hopefully will last us the next 20 years. > > Thoughts? > > On Fri, Mar 1, 2024 at 9:36 PM Tommy Pauly <[email protected] > <mailto:[email protected]>> wrote: >> Hello INTAREA, >> >> At IETF 118, we presented our draft on discovering proxies with PvD >> information files. We got good support for working on this, along with some >> feedback for how to improve the format to support more details for the >> proxies, and more explicit indications of proxy protocols. >> >> We’ve just published draft-pauly-intarea-proxy-config-pvd-02 to incorporate >> this feedback: >> >> https://datatracker.ietf.org/doc/draft-pauly-intarea-proxy-config-pvd/ >> https://www.ietf.org/archive/id/draft-pauly-intarea-proxy-config-pvd-02.html >> >> We’d like to continue discussing this at the upcoming IETF 119 meeting, and >> welcome any comments on list! >> >> Best, >> Tommy >> _______________________________________________ >> Int-area mailing list >> [email protected] <mailto:[email protected]> >> https://www.ietf.org/mailman/listinfo/int-area > > > -- > --- > Josh Cohen > > >
_______________________________________________ Int-area mailing list [email protected] https://www.ietf.org/mailman/listinfo/int-area
